Summary: | open_memstream() does not initialize wide character struct info, leading to a crash | | |
---|---|---|---|
Product: | glibc | Reporter: | Julius Plenz <libc-bugs> |
Component: | libc | Assignee: | Not yet assigned to anyone <unassigned> |
Status: | RESOLVED FIXED | | |
Severity: | normal | CC: | bugdal, carlos, drepper.fsp, ondra |
Priority: | P2 | Flags: | fweimer: security- |
Version: | 2.17 | | |
Target Milestone: | --- | | |
Host: | | Target: | |
Build: | | Last reconfirmed: | |
Description
Julius Plenz
2013-04-19 10:00:35 UTC
Not exactly a bug. The stream returned by open_memstream is byte-oriented, so calling any wide character stdio function on it invokes undefined behavior. Similarly, open_wmemstream returns a wide-oriented stream, so calling any byte-oriented stdio function on it would invoke undefined behavior.

True. When you issue fwide() on such a stream, it is already determined that it is char-oriented. I didn’t see that until now. In my opinion it would be good to expose this “undefined” behavior by invalidating the pointer. Because right now you’ll only see this bug in “lucky” circumstances; often it will go unnoticed.

Fixed on master by commit bae143d2702e5ca1265c55b06072afba01bfc07a
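The orientation rule discussed in this thread, as an added example (not code from the bug report or from glibc): `checked_fputws` is a hypothetical helper that queries the orientation with `fwide(fp, 0)` and refuses wide output on a byte-oriented stream, while wide data is collected through `open_wmemstream`. It assumes a libc on which an `open_memstream` stream already reports as byte-oriented, as POSIX specifies.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <wchar.h>

/* Hypothetical helper: fwide(fp, 0) only queries the orientation.
   A negative result means byte-oriented, where wide I/O is undefined. */
int checked_fputws(const wchar_t *ws, FILE *fp)
{
    if (fwide(fp, 0) < 0) {
        errno = EINVAL;
        return -1;
    }
    return fputws(ws, fp) < 0 ? -1 : 0;
}

/* Helper result for a byte stream from open_memstream(); -2 on setup failure. */
int wide_write_on_byte_stream(void)
{
    char *buf = NULL;
    size_t len = 0;
    FILE *fp = open_memstream(&buf, &len);
    if (!fp) return -2;
    int rc = checked_fputws(L"hello", fp);   /* constructed sample input */
    fclose(fp);
    free(buf);
    return rc;
}

/* Wide characters collected through open_wmemstream(); -1 or -2 on failure. */
long wide_write_on_wide_stream(void)
{
    wchar_t *buf = NULL;
    size_t len = 0;
    FILE *fp = open_wmemstream(&buf, &len);
    if (!fp) return -2;
    int rc = checked_fputws(L"hello", fp);
    fclose(fp);                              /* fclose updates buf and len */
    long n = (rc == 0) ? (long)len : -1;
    free(buf);
    return n;
}

int main(void)
{
    printf("byte stream: %d\n", wide_write_on_byte_stream());
    printf("wide stream: %ld\n", wide_write_on_wide_stream());
    return 0;
}
```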