bug-gnulib
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gnulib bugs on OSX & C++


From: Bruno Haible
Subject: Re: gnulib bugs on OSX & C++
Date: Sat, 10 Apr 2010 22:19:53 +0200
User-agent: KMail/1.9.9

Jarno Rajahalme wrote:
> - I also had the program crash on malloc error when I accidentally had the
> fprintf format string containing "%S" (apparently expecting wide character
> input, while not getting it) instead of "%s".  

I can reproduce it, with your test program (modified to use %S instead of %s).

There were two bugs in this area:
  1) an abort() in a valid use case,
  2) an endless loop that allocates more and more memory, without bounds.


This fixes the first bug:

2010-04-10  Bruno Haible  <address@hidden>

        vasnprintf: Fix crash in %ls directive.
        * lib/vasnprintf.c (VASNPRINTF): Don't abort when a unconvertible wide
        string is passed as argument to %ls, with no precision and no width.
        Reported by Jarno Rajahalme <address@hidden>.

--- lib/vasnprintf.c.orig       Sat Apr 10 22:16:45 2010
+++ lib/vasnprintf.c    Sat Apr 10 22:11:26 2010
@@ -2605,8 +2605,16 @@
                           count = wctomb (cbuf, *arg);
 #   endif
                           if (count <= 0)
-                            /* Inconsistency.  */
-                            abort ();
+                            {
+                              /* Cannot convert.  */
+                              if (!(result == resultbuf || result == NULL))
+                                free (result);
+                              if (buf_malloced != NULL)
+                                free (buf_malloced);
+                              CLEANUP ();
+                              errno = EILSEQ;
+                              return NULL;
+                            }
                           ENSURE_ALLOCATION (xsum (length, count));
                           memcpy (result + length, cbuf, count);
                           length += count;




reply via email to

[Prev in Thread] Current Thread [Next in Thread]