This is the mail archive of the newlib@sourceware.org mailing list for the newlib project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Fix modification of string literal by swprintf

From: Corinna Vinschen <vinschen at redhat dot com>
To: newlib at sourceware dot org
Date: Fri, 9 Jun 2017 15:32:36 +0200
Subject: Re: Fix modification of string literal by swprintf
Authentication-results: sourceware.org; auth=none
Authentication-results: ext-mx08.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-results: ext-mx08.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=vinschen at redhat dot com
Dkim-filter: OpenDKIM Filter v2.11.0 mx1.redhat.com EC0F9C057FA4
Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com EC0F9C057FA4
References: <608ad190-c35e-76b1-99d3-e96dd64d85e2@foss.arm.com> <20170607100157.GB18287@calimero.vinschen.de> <50149eef-d512-4bb0-3d5e-fcd6302b8083@foss.arm.com> <4dd496b3-b19c-8618-a701-5f1d15f1a602@foss.arm.com>
Reply-to: newlib at sourceware dot org

On Jun  8 13:15, Thomas Preudhomme wrote:
> Please find his updated patch attached.
> 
> Best regards,
> 
> Thomas

> >From ee96a273969b0bccd308b81bcdf37a6fdefa06f6 Mon Sep 17 00:00:00 2001
> From: Silviu Baranga <silviu.baranga@arm.cm>
> Date: Mon, 5 Jun 2017 09:54:42 +0100
> Subject: [PATCH] Don't overread or write memory returned by _DTOA_R
> 
> Don't over-read memory returned by _DTOA_R, and never write to it
> since the result might be a string literal.
> 
> For example, when doing:
>   swprintf(tt, 20, L"%.*f", 6, 0.0);
> 
> we will get back "0".
> 
> Instead, write the result returned by _DTOA_R to the output buffer.
> After this, write the 0 chars directly to the the output buffer
> (if there are any). This also has the (marginal) advantage that
> we read/write less memory overall.

Pushed.


Thanks,
Corinna

-- 
Corinna Vinschen
Cygwin Maintainer
Red Hat

Attachment: signature.asc
Description: PGP signature

Follow-Ups:
- Re: Re: Fix modification of string literal by swprintf
  - From: Renlin Li

References:
- Fix modification of string literal by swprintf
  - From: Thomas Preudhomme
- Re: Fix modification of string literal by swprintf
  - From: Corinna Vinschen
- Re: Fix modification of string literal by swprintf
  - From: Thomas Preudhomme
- Re: Fix modification of string literal by swprintf
  - From: Thomas Preudhomme

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]