public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/6530] New: *printf() and incomplete multibyte sequences may cause infinite loops
@ 2008-05-18 10:23 madcoder at debian dot org
2008-05-18 10:24 ` [Bug libc/6530] " madcoder at debian dot org
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: madcoder at debian dot org @ 2008-05-18 10:23 UTC (permalink / raw)
To: glibc-bugs
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 1872 bytes --]
With the following testcase, it happens while it shouldn't, according to
the manual:
-----8<-------
#include <stdio.h>
#include <locale.h>
#define STR "²éľÂíɱ²¡¶¾£¬ÖܺèµtÄúµÄ360²»×¨Òµ£¡"
int main(void) {
char buf[200];
setlocale(LC_ALL, "");
printf("%d\n", snprintf(buf, 150, "%.50s", STR));
return 0;
}
----->8-------
The manual page has this to say:
About precision:
An optional precision, in the form of a period (‘.’) followed by an
optional decimal digit string.(...) This gives (...) the maximum
number of characters to be printed from a string for s and S
conversions.
About s:
If no l modifier is present: The const char * argument is expected to
be a pointer to an array of character type(...)
If an l modifier is present: The const wchar_t * argument is expected
to be a pointer to an array of wide characters. Wide characters from
the array are converted to multibyte characters (...)
There is no "l" modifier, but still, the string goes through the
multibyte conversion code, and fails because the string is invalid
multibyte.
Note, it only works with non UTF-8 locale set in LC_CTYPE or LC_ALL.
This is debian bug http://bugs.debian.org/208308
--
Summary: *printf() and incomplete multibyte sequences may cause
infinite loops
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: drepper at redhat dot com
ReportedBy: madcoder at debian dot org
CC: glibc-bugs at sources dot redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=6530
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug libc/6530] *printf() and incomplete multibyte sequences may cause infinite loops
2008-05-18 10:23 [Bug libc/6530] New: *printf() and incomplete multibyte sequences may cause infinite loops madcoder at debian dot org
@ 2008-05-18 10:24 ` madcoder at debian dot org
2008-05-18 10:39 ` [Bug libc/6530] *printf() and incomplete multibyte sequences returns -1 bogusly madcoder at debian dot org
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: madcoder at debian dot org @ 2008-05-18 10:24 UTC (permalink / raw)
To: glibc-bugs
--
What |Removed |Added
----------------------------------------------------------------------------
CC| |debian-glibc at lists dot
| |debian dot org
http://sourceware.org/bugzilla/show_bug.cgi?id=6530
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug libc/6530] *printf() and incomplete multibyte sequences returns -1 bogusly
2008-05-18 10:23 [Bug libc/6530] New: *printf() and incomplete multibyte sequences may cause infinite loops madcoder at debian dot org
2008-05-18 10:24 ` [Bug libc/6530] " madcoder at debian dot org
@ 2008-05-18 10:39 ` madcoder at debian dot org
2008-05-18 10:39 ` [Bug libc/6530] *printf() and incomplete multibyte sequences may cause infinite loops madcoder at debian dot org
2010-08-30 13:57 ` [Bug libc/6530] *printf() and incomplete multibyte sequences returns -1 bogusly avarab at gmail dot com
3 siblings, 0 replies; 5+ messages in thread
From: madcoder at debian dot org @ 2008-05-18 10:39 UTC (permalink / raw)
To: glibc-bugs
--
What |Removed |Added
----------------------------------------------------------------------------
Summary|*printf() and incomplete |*printf() and incomplete
|multibyte sequences may |multibyte sequences returns
|cause infinite loops |-1 bogusly
http://sourceware.org/bugzilla/show_bug.cgi?id=6530
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug libc/6530] *printf() and incomplete multibyte sequences may cause infinite loops
2008-05-18 10:23 [Bug libc/6530] New: *printf() and incomplete multibyte sequences may cause infinite loops madcoder at debian dot org
2008-05-18 10:24 ` [Bug libc/6530] " madcoder at debian dot org
2008-05-18 10:39 ` [Bug libc/6530] *printf() and incomplete multibyte sequences returns -1 bogusly madcoder at debian dot org
@ 2008-05-18 10:39 ` madcoder at debian dot org
2010-08-30 13:57 ` [Bug libc/6530] *printf() and incomplete multibyte sequences returns -1 bogusly avarab at gmail dot com
3 siblings, 0 replies; 5+ messages in thread
From: madcoder at debian dot org @ 2008-05-18 10:39 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From madcoder at debian dot org 2008-05-18 10:38 -------
Err the title is bogus, the thing is that sprintf returns -1 bogusly, if you
run the previous testcase using LC_ALL=ja_JP.EUC-JP e.g.
%s should not care about multibyte at all
--
http://sourceware.org/bugzilla/show_bug.cgi?id=6530
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug libc/6530] *printf() and incomplete multibyte sequences returns -1 bogusly
2008-05-18 10:23 [Bug libc/6530] New: *printf() and incomplete multibyte sequences may cause infinite loops madcoder at debian dot org
` (2 preceding siblings ...)
2008-05-18 10:39 ` [Bug libc/6530] *printf() and incomplete multibyte sequences may cause infinite loops madcoder at debian dot org
@ 2010-08-30 13:57 ` avarab at gmail dot com
3 siblings, 0 replies; 5+ messages in thread
From: avarab at gmail dot com @ 2010-08-30 13:57 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From avarab at gmail dot com 2010-08-30 13:47 -------
Here's a simpler testcase for this bug courtesy of Jonathan Nieder:
#include <stdio.h>
#include <locale.h>
int main(void)
{
int n;
setlocale(LC_CTYPE, "");
n = printf("%.11s\n", "Author: \277");
perror("printf");
fprintf(stderr, "return value: %d\n", n);
return 0;
}
Under a C locale that'll do the right thing:
$ LANG=C ./test
Author: �
printf: Success
return value: 10
But not under a UTF-8 locale, since \277 isn't a valid UTF-8 sequence:
$ LANG=en_US.utf8 ./test
printf: Invalid or incomplete multibyte or wide character
return value: -1
--
http://sourceware.org/bugzilla/show_bug.cgi?id=6530
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2010-08-30 13:47 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2008-05-18 10:23 [Bug libc/6530] New: *printf() and incomplete multibyte sequences may cause infinite loops madcoder at debian dot org
2008-05-18 10:24 ` [Bug libc/6530] " madcoder at debian dot org
2008-05-18 10:39 ` [Bug libc/6530] *printf() and incomplete multibyte sequences returns -1 bogusly madcoder at debian dot org
2008-05-18 10:39 ` [Bug libc/6530] *printf() and incomplete multibyte sequences may cause infinite loops madcoder at debian dot org
2010-08-30 13:57 ` [Bug libc/6530] *printf() and incomplete multibyte sequences returns -1 bogusly avarab at gmail dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).