[PATCH] svfwscanf: Simplify _sungetwc_r to eliminate apparent buffer overflow
Keith Packard
keithp@keithp.com
Thu Aug 19 15:17:27 GMT 2021
Corinna Vinschen <vinschen@redhat.com> writes:
> Given all chars are sizeof(wchar_t), how's the buffer ever going to
> become unaligned?
It places the wchar_t at the end of _ubuf, which is 3 bytes long, making
it unaligned:
fp->_p = &fp->_ubuf[sizeof (fp->_ubuf) - sizeof (wchar_t)];
--
-keith
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <https://sourceware.org/pipermail/newlib/attachments/20210819/86110a4f/attachment.sig>
More information about the Newlib
mailing list