[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#8545: issues with recent doprnt-related changes

From: Eli Zaretskii
Subject: bug#8545: issues with recent doprnt-related changes
Date: Thu, 28 Apr 2011 01:02:13 -0400

> From: Juanma Barranquero <address@hidden>
> Date: Thu, 28 Apr 2011 03:32:23 +0200
> Cc: Eli Zaretskii <address@hidden>, address@hidden
> On Thu, Apr 28, 2011 at 01:51, Paul Eggert <address@hidden> wrote:
> > If fmt is actually greater than format_end, it's pointing past the end
> > of an object, so the C code is relying on undefined behavior and the
> > check therefore isn't portable.
> I'm no expert on the C standard, but would it be undefined behavior,
> as long as the pointer has not been dereferenced? A cursory look
> suggests that fmt == format_end + 1 is possible, but fmt is not
> dereferenced in that case.

My (not-so cursory) look at the code suggests that we do dereference
it, in this fragment:

          switch (*fmt++)
              error ("Invalid format operation %%%s%c",
                     long_flag ? "l" : "", fmt[-1]);

If fmt > format_end, this will dereference the address beyond
format_end.  I thought showing the last character of the format string
itself is a better idea.  It is also exactly equivalent to what the
code will do and display when *format_end == '\0'.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]