This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.



[PATCH] Fix __printf_fp


Hi!

For IEEE quad long double with BITS_PER_MP_LIMB 32, mantissa takes exactly
4 limbs.  Until now any mantissa took at most 2 limbs (either IEEE extended
long double on 32-bit arch or IEEE quad on 64-bit arch) and bignum_size
reserved at least twice as many limbs for extra operations (e.g. it
does frac[fracsize++] = cy; in certain cases etc.).
Without this printf with certain numbers results in buffer overflows.

2004-03-24  Jakub Jelinek  <jakub@redhat.com>

	* stdio-common/printf_fp.c (__printf_fp): For IEEE quad long double
	on 32-bit architectures reserve 8 limbs instead of 4.

--- libc/stdio-common/printf_fp.c.jj	2004-03-23 12:28:47.000000000 -0500
+++ libc/stdio-common/printf_fp.c	2004-03-24 11:01:38.000000000 -0500
@@ -431,7 +431,9 @@ __printf_fp (FILE *fp,
      would be really big it could lead to memory problems.  */
   {
     mp_size_t bignum_size = ((ABS (exponent) + BITS_PER_MP_LIMB - 1)
-			     / BITS_PER_MP_LIMB + 4) * sizeof (mp_limb_t);
+			     / BITS_PER_MP_LIMB
+			     + (LDBL_MANT_DIG / BITS_PER_MP_LIMB > 2 ? 8 : 4))
+			    * sizeof (mp_limb_t);
     frac = (mp_limb_t *) alloca (bignum_size);
     tmp = (mp_limb_t *) alloca (bignum_size);
     scale = (mp_limb_t *) alloca (bignum_size);
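Review bot: the slack constants in `(LDBL_MANT_DIG / BITS_PER_MP_LIMB > 2 ? 8 : 4)` carry no explanation in the code; the reasoning (mantissa limb count plus headroom for steps such as `frac[fracsize++] = cy;`) exists only in the mail text. Please add a short comment beside the expression saying what the 8 and the 4 stand for, or derive the extra limbs from the mantissa limb count itself rather than choosing between two literals, so that the three alloca buffers sized from bignum_size stay large enough if another mantissa width or limb size is introduced later.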

	Jakub

