Wget crash in printf - bugfix

[Wiebe Cazemier]

Hi,

We're getting the following segfault. We haven't been able to reproduce it with 
debug builds or builds from 'apt-get source wget', so here's a trace from the 
release build 1.21.2-2ubuntu1 (from Ubuntu 22.04):

dmesg line: wget[3522173]: segfault at 1 ip 00007f17a81a023c sp 
00007fff7b14e7f8 error 4 in libc.so.6[7f17a8016000+195000]


#0  __strlen_evex () at ../sysdeps/x86_64/multiarch/strlen-evex.S:77
#1  0x00007f111424cdb1 in __vfprintf_internal (s=s@entry=0x7ffc2e5c50d0, 
format=format@entry=0x55e763577735 "%.*f %s", ap=ap@entry=0x7ffc2e5c5250, 
mode_flags=mode_flags@entry=2) at ./stdio-common/vfprintf-internal.c:1517
#2  0x00007f111425e51a in __vsnprintf_internal (string=0x55e763591080 "7.95 
GB/s", maxlen=<optimized out>, format=0x55e763577735 "%.*f %s", 
args=args@entry=0x7ffc2e5c5250, mode_flags=2) at ./libio/vsnprintf.c:114
#3  0x00007f111430ace5 in ___snprintf_chk (s=<optimized out>, maxlen=<optimized 
out>, flag=<optimized out>, slen=<optimized out>, format=<optimized out>) at 
./debug/snprintf_chk.c:38
#4  0x000055e76353d69c in ?? ()
#5  0x000055e763538656 in ?? ()
#6  0x000055e763542c8b in ?? ()
#7  0x000055e763545482 in ?? ()
#8  0x000055e763517cee in ?? ()
#9  0x00007f11141ffd90 in __libc_start_call_main 
(main=main@entry=0x55e763516260, argc=argc@entry=4, 
argv=argv@entry=0x7ffc2e5c5cd8) at ../sysdeps/nptl/libc_start_call_main.h:58
#10 0x00007f11141ffe40 in __libc_start_main_impl (main=0x55e763516260, argc=4, 
argv=0x7ffc2e5c5cd8, init=<optimized out>, fini=<optimized out>, 
rtld_fini=<optimized out>, stack_end=0x7ffc2e5c5cc8) at ../csu/libc-start.c:392
#11 0x000055e7635192d5 in ?? ()


Attached is a patch to fix something that at least looks like it can cause a 
crash, but looking at this stack trace, which already shows the formatted 
string "7.95 GB/s" in the output string, I'm not sure if that is really the 
fix/cause.

Regards,

Wiebe

0001-Fix-missing-speed-category-and-possible-crash.patch
Description: application/mbox