[PATCH] svfwscanf: Simplify _sungetwc_r to eliminate apparent buffer overflow
Corinna Vinschen
vinschen@redhat.com
Thu Aug 19 15:38:51 GMT 2021
[Please don't CC me, I'm reading the ML all the time. Thanks]
On Aug 19 08:17, Keith Packard wrote:
> Corinna Vinschen <vinschen@redhat.com> writes:
>
> > Given all chars are sizeof(wchar_t), how's the buffer ever going to
> > become unaligned?
>
> It places the wchar_t at the end of _ubuf, which is 3 bytes long, making
> it unaligned:
>
> fp->_p = &fp->_ubuf[sizeof (fp->_ubuf) - sizeof (wchar_t)];
Oops, right.
Thanks,
Corinna
More information about the Newlib
mailing list