This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug stdio/17829] Incorrect handling of precision specifier in printf family
- From: "carlos at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Wed, 18 Feb 2015 14:32:58 +0000
- Subject: [Bug stdio/17829] Incorrect handling of precision specifier in printf family
- Auto-submitted: auto-generated
- References: <bug-17829-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=17829
Carlos O'Donell <carlos at redhat dot com> changed:
What       |Removed |Added
----------------------------------------------------------------------------
CC         |        |carlos at redhat dot com
--- Comment #2 from Carlos O'Donell <carlos at redhat dot com> ---
(In reply to Florian Weimer from comment #1)
> Carlos, do you remember what the "32" in stdio-common/vfprintf.c guards
> against? (You helped to fix some overflow-related issues in this area.)
>
> 1574       if (prec > width
> 1575           && prec > sizeof (work_buffer) / sizeof (work_buffer[0]) - 32)
> 1576         {
> 1577           if (__glibc_unlikely (prec >= INT_MAX / sizeof (CHAR_T) - 32))
> 1578             {
> 1579               __set_errno (EOVERFLOW);
> 1580               done = -1;
> 1581               goto all_done;
> 1582             }
> 1583           size_t needed = ((size_t) prec + 32) * sizeof (CHAR_T);
>
> I'm a bit at a loss here. Certainly, this use is not recommended because
> printf will allocate tons of memory as part of the format processing.
The +32 is an arbitrarily selected value to make the buffer large enough to be
OK for the largest precision we need. It is an artifact of sloppy accounting
for how much would be needed. The correct fix is to be more precise in
computing what we need.
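The guard under discussion, restated as an added, self-contained example (this is not glibc's code and not part of the bug report). It mirrors the quoted test line by line so the two thresholds can be exercised: the point at which the precision no longer fits the on-stack `work_buffer` and a heap allocation of `(prec + 32) * sizeof (CHAR_T)` bytes becomes necessary, and the point at which that product would no longer be representable, where the real code sets `EOVERFLOW` and fails the call. The `WORK_BUFFER_CHARS` size (1000) and the `char_size` parameter standing in for `sizeof (CHAR_T)` are assumptions for this example, as are the function names. `padded_output_length` shows why the precision drives buffer size in the first place: for integer conversions it is a minimum digit count, so the output grows to `prec` characters. From a defensive standpoint this is the reason a precision taken from untrusted input should be clamped by the caller before it reaches the `*` argument, since everything below the overflow threshold is honoured with a matching allocation.

```c
#include <errno.h>
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Stand-in for vfprintf's on-stack work_buffer. The real array's size is
   not given in the bug; 1000 characters is an assumption for this example. */
#define WORK_BUFFER_CHARS 1000
/* The "+32" slack the comment describes: extra room beyond the precision,
   chosen by estimate rather than by exact accounting. */
#define SLACK 32

/*
 * Mirror of the guard quoted in the bug report (not glibc's code).
 * char_size plays the role of sizeof (CHAR_T): 1 for the narrow printf
 * family, 4 for the wide one on typical Linux targets.
 *
 * Returns 0 when work_buffer already suffices (*needed = 0),
 *         1 when *needed bytes would have to be allocated, and
 *        -1 with errno = EOVERFLOW when (prec + 32) * char_size cannot be
 *           represented, which is what makes vfprintf return -1.
 */
int precision_buffer(int prec, int width, size_t char_size, size_t *needed)
{
    *needed = 0;
    /* Same shape as the quoted test: prec is converted to size_t here
       exactly as it is in the original comparison. */
    if (prec > width
        && (size_t) prec > WORK_BUFFER_CHARS - SLACK) {
        if ((size_t) prec >= INT_MAX / char_size - SLACK) {
            errno = EOVERFLOW;
            return -1;
        }
        *needed = ((size_t) prec + SLACK) * char_size;
        return 1;
    }
    return 0;
}

/* Convenience wrappers so each result can be checked as a single value. */
int precision_buffer_status(int prec, int width, size_t char_size)
{
    size_t n;
    return precision_buffer(prec, width, char_size, &n);
}

size_t precision_buffer_bytes(int prec, int width, size_t char_size)
{
    size_t n;
    precision_buffer(prec, width, char_size, &n);
    return n;
}

/* Why the buffer grows with precision at all: for integer conversions the
   precision is a minimum digit count, so "%.*d" zero-pads the output to
   prec characters. snprintf with a NULL buffer only measures the length. */
int padded_output_length(int prec)
{
    return snprintf(NULL, 0, "%.*d", prec, 7);
}

int main(void)
{
    /* Constructed sample precisions: fits work_buffer, needs the heap,
       and trips the EOVERFLOW guard. */
    int precs[] = { 10, 2000, INT_MAX };
    for (size_t i = 0; i < sizeof precs / sizeof precs[0]; i++) {
        size_t n;
        errno = 0;
        int r = precision_buffer(precs[i], 0, sizeof (char), &n);
        printf("prec=%d status=%d needed=%zu errno=%d\n",
               precs[i], r, n, errno);
    }
    printf("\"%%.*d\" with prec 12 yields %d characters\n",
           padded_output_length(12));
    return 0;
}
```

With `char_size` = 4 the overflow threshold drops to `INT_MAX / 4 - 32` = 536870879, so the wide-character path rejects precisions well below what the narrow path still accepts; the two wrappers make both thresholds easy to check.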