possible snprintf() regression in 3.3.2

Tony Cook tony@develop-help.com
Mon Nov 22 23:23:02 GMT 2021 

On Mon, Nov 22, 2021 at 02:04:06PM +0100, Corinna Vinschen via Cygwin wrote:
> On Nov 22 11:34, Corinna Vinschen via Cygwin wrote:
> > On Nov 21 11:16, Tony Cook wrote:
> > > On Thu, Nov 18, 2021 at 09:08:40PM +0000, Sam Edge via Cygwin wrote:
> > > > I use newlib on embedded with threading libs that have predetermined
> > > > fixed thread stack sizes. While we tend to have more RAM than in former
> > > > times we also have multiple thread stacks. Use of alloca() or variable
> > > > length automatic arrays makes me wince especially in code I might not be
> > > > able to avoid calling which is often the case with XXXprintf() in
> > > > third-party libraries' debug output. I'd usually rather take the
> > > > performance hit from using heap instead of having to make all my stacks
> > > > bigger.
> > > 
> > > A simple option would be to use an small auto fixed buffer for most
> > > conversions, but use malloc() for %f formats for numbers greater in
> > > magnitude than some limit, though it would also need to be adjusted
> > > for the precision (ndigits here), since they take extra space.
> > > 
> > > This would avoid using the optional-to-implement VLA feature too.
> > 
> > Good idea.  I guess I create a simple fix doing just that.
> 
> I created a patch:
> https://sourceware.org/git/?p=newlib-cygwin.git;a=commitdiff;h=68faeef4be71
> 
> Please test the latest developer snapshot from http://cygwin.com/snapshots/

I don't think this solves the fundamental problem.

Simply looking at ndigits isn't enough for %f.

For %f with a large number (like 9e99), the buffer size required is
ndigits plus (roughly) log10(n), which we can further estimate
with log2(n)*146/485 (log2(10) is 3.32 ~== 485/146)

I think something more like:

  size_t outsize;
  if (mode == 3) {        /* %f */
    int expon = (e[NI-1] & 0x7fff) - (EXONE - 1); /* exponent part of float */
    /* log2(10) approximately 485/146 */
    outsize = expon * 146 / 485 + ndigits + 10;
  }
  else { /* %g/%e */
    outsize = ndigits + MAX_EXP_DIGITS + 10;
  }
  if (outsize > NDEC_SML) {
    outbuf = (char *)_malloc_r(ptr, outsize);
  }

You'll probably need to pass outsize into etoasc() rather than
calculating it.

See https://github.com/Perl/perl5/blob/blead/sv.c#L13295 for code in
perl that calculates the buffer size needed for %f (precis aka ndigits
is added at line 13385).

Tony

More information about the Cygwin mailing list