Summary: | vfprintf() segfault with multibyte string and long precision | ||
---|---|---|---|
Product: | glibc | Reporter: | Victor Stinner <victor.stinner> |
Component: | libc | Assignee: | Ulrich Drepper <drepper.fsp> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | glibc-bugs, madcoder |
Priority: | P2 | ||
Version: | unspecified | ||
Target Milestone: | --- | ||
Host: | Target: | ||
Build: | Last reconfirmed: | ||
Attachments: | fix for that bug |
Description
Victor Stinner
2007-04-30 13:46:18 UTC
Created attachment 1742 [details]
fix for that bug
FWIW here is a patch that should fix it. As you can guess, 'ignore' is an
ignored variable, hence __mbsnrtowcs is only used for mbs validation. So
passing NULL will work.
(yes I know that if passing NULL __mbsnrtowcs does not respect 'len' but it's
not relevant here, as we want to check 'spec' bytes from the mb sequence, and
the wchar_t buffer is made on purpose of 'spec' wchar_t's, so the 'len'
stopping condition will never be triggered, hence passing NULL as a dst will
work).
(In reply to comment #1) > Created an attachment (id=1742) > fix for that bug except that it does not work, presumably because when passing NULL as dst, the mbstate is not updated. The current code forcing the conversion into a wchar string seems quite sloppy, but I see no obvious way to deal with it. So a better patch will need to be worked out :| I've checked in a patch. And next time, don't mess with priorities and severity. This is not something to be guessed by the submitter. Thank you for your quick reaction ;-) Sorry for severity/priority, I will leave them with default value next time. Subject: Bug 4438 CVSROOT: /cvs/glibc Module name: libc Branch: glibc-2_5-branch Changes by: jakub@sourceware.org 2007-07-12 15:15:03 Modified files: . : ChangeLog stdio-common : test-vfprintf.c vfprintf.c Log message: 2007-05-04 Ulrich Drepper <drepper@redhat.com> * stdio-common/vfprintf.c (process_string_arg): Adjust call to __mbsnrtowcs after last change. 2007-05-02 Jakub Jelinek <jakub@redhat.com> * stdio-common/vfprintf.c (process_string_arg): Use a VLA rather than fixed length array for ignore. 2007-04-30 Ulrich Drepper <drepper@redhat.com> [BZ #4438] * stdio-common/vfprintf.c (process_string_arg): Don't overflow the stack for large precisions. * stdio-common/test-vfprintf.c (main): Add test for large precision. Patches: http://sourceware.org/cgi-bin/cvsweb.cgi/libc/ChangeLog.diff?cvsroot=glibc&only_with_tag=glibc-2_5-branch&r1=1.10362.2.79&r2=1.10362.2.80 http://sourceware.org/cgi-bin/cvsweb.cgi/libc/stdio-common/test-vfprintf.c.diff?cvsroot=glibc&only_with_tag=glibc-2_5-branch&r1=1.4&r2=1.4.8.1 http://sourceware.org/cgi-bin/cvsweb.cgi/libc/stdio-common/vfprintf.c.diff?cvsroot=glibc&only_with_tag=glibc-2_5-branch&r1=1.134&r2=1.134.2.1 |