public inbox for glibc-bugs@sourceware.org
* [Bug libc/13303] New: strange crash in 64bit vsnprintf()
@ 2011-10-16 21:27 ninive at gmx dot at
  2011-10-17  7:19 ` [Bug libc/13303] " ninive at gmx dot at
                   ` (3 more replies)
  0 siblings, 4 replies; 5+ messages in thread
From: ninive at gmx dot at @ 2011-10-16 21:27 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13303

             Bug #: 13303
           Summary: strange crash in 64bit vsnprintf()
           Product: glibc
           Version: 2.11
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: drepper.fsp@gmail.com
        ReportedBy: ninive@gmx.at
    Classification: Unclassified


Created attachment 5989
  --> http://sourceware.org/bugzilla/attachment.cgi?id=5989
Testcase

vsnprintf() crashed on 64bit CentOS, but not on 32bit.

Backtrace (taken from CentOS 5):
#0 0x00000032a7479b60 in strlen () from /lib64/libc.so.6
#1 0x00000032a7446cb9 in vfprintf () from /lib64/libc.so.6
#2 0x00000032a74699da in vsnprintf () from /lib64/libc.so.6
#3 0x00000000006023cb in format (this=0x7fff315e9400, params=0xa22238 
#4 0x00000000009b3f86 in main (argc=1, argv=0x7fff315e9768)

Tested with
GNU libc: 2.5 (CentOS 5), 2.6.18-274.3.1.el5 x86_64 GNU/Linux
GNU libc: 2.11 (Ubuntu 10.04), 2.6.32-34-server x86_64 GNU/Linux

Steps to reproduce:
wget http://doppelbauer.name/vsnprintf.cpp
g++ -g -o vsnprintf vsnprintf.cpp
./vsnprintf

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 5+ messages in thread

* [Bug libc/13303] strange crash in 64bit vsnprintf()
  2011-10-16 21:27 [Bug libc/13303] New: strange crash in 64bit vsnprintf() ninive at gmx dot at
@ 2011-10-17  7:19 ` ninive at gmx dot at
  2011-10-17  7:45 ` aj at suse dot de
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 5+ messages in thread
From: ninive at gmx dot at @ 2011-10-17  7:19 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13303

Markus Doppelbauer <ninive at gmx dot at> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ninive at gmx dot at



^ permalink raw reply	[flat|nested] 5+ messages in thread

* [Bug libc/13303] strange crash in 64bit vsnprintf()
  2011-10-16 21:27 [Bug libc/13303] New: strange crash in 64bit vsnprintf() ninive at gmx dot at
  2011-10-17  7:19 ` [Bug libc/13303] " ninive at gmx dot at
@ 2011-10-17  7:45 ` aj at suse dot de
  2011-10-17  8:14 ` ninive at gmx dot at
  2014-06-27 11:51 ` fweimer at redhat dot com
  3 siblings, 0 replies; 5+ messages in thread
From: aj at suse dot de @ 2011-10-17  7:45 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13303

Andreas Jaeger <aj at suse dot de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |aj at suse dot de
         Resolution|                            |INVALID

--- Comment #1 from Andreas Jaeger <aj at suse dot de> 2011-10-17 07:44:33 UTC ---
Your code is buggy, vsnprintf uses the args and you need to reset it.

    va_list args;
    va_start( args, params );

    char buffer[0x4000];
    unsigned int required = vsnprintf( buffer, sizeof(buffer), params, args );
    /* Add va_end( args ); va_start( args, params ); here */

    char *bigbuffer = (char*)malloc( required + 1 );
    vsnprintf( bigbuffer, required + 1, params, args );

    va_end( args );



^ permalink raw reply	[flat|nested] 5+ messages in thread
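
An added example, not code from this thread or from glibc: one way to write the two-pass formatting that Comment #1 corrects, giving each vsnprintf() call its own va_copy of the argument list instead of restarting it. The function names vformat_alloc and format_alloc and the sample inputs are assumptions made for this example.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* After a v*printf() call the va_list passed in is indeterminate. On x86-64
 * va_list is an array type, so the callee advances the caller's state and a
 * second call reads stale slots; each pass below works on its own copy. */
char *vformat_alloc(const char *fmt, va_list ap)
{
    va_list probe;
    va_copy(probe, ap);
    int required = vsnprintf(NULL, 0, fmt, probe);   /* size-only pass */
    va_end(probe);
    if (required < 0)           /* keep it signed: a negative value is an error */
        return NULL;
    char *out = malloc((size_t)required + 1);
    if (out == NULL)
        return NULL;

    va_list fill;
    va_copy(fill, ap);
    int written = vsnprintf(out, (size_t)required + 1, fmt, fill);
    va_end(fill);
    if (written != required) {  /* both passes must agree on the length */
        free(out);
        return NULL;
    }
    return out;                 /* caller frees */
}

/* Variadic front end; one va_start/va_end pair, the copies happen inside. */
char *format_alloc(const char *fmt, ...)
{
    va_list args;
    va_start(args, fmt);
    char *out = vformat_alloc(fmt, args);
    va_end(args);
    return out;
}

int main(void)
{
    /* constructed sample input */
    char *s = format_alloc("%s has %d replies", "bug 13303", 4);
    if (s == NULL) return 1;
    printf("%zu bytes: %s\n", strlen(s), s);
    free(s);
    return 0;
}
```
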

* [Bug libc/13303] strange crash in 64bit vsnprintf()
  2011-10-16 21:27 [Bug libc/13303] New: strange crash in 64bit vsnprintf() ninive at gmx dot at
  2011-10-17  7:19 ` [Bug libc/13303] " ninive at gmx dot at
  2011-10-17  7:45 ` aj at suse dot de
@ 2011-10-17  8:14 ` ninive at gmx dot at
  2014-06-27 11:51 ` fweimer at redhat dot com
  3 siblings, 0 replies; 5+ messages in thread
From: ninive at gmx dot at @ 2011-10-17  8:14 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=13303

--- Comment #2 from Markus Doppelbauer <ninive at gmx dot at> 2011-10-17 08:12:56 UTC ---
Hi Andreas,

Thanks a lot. You are right.
Sorry for disturbing.

Markus



^ permalink raw reply	[flat|nested] 5+ messages in thread

* [Bug libc/13303] strange crash in 64bit vsnprintf()
  2011-10-16 21:27 [Bug libc/13303] New: strange crash in 64bit vsnprintf() ninive at gmx dot at
                   ` (2 preceding siblings ...)
  2011-10-17  8:14 ` ninive at gmx dot at
@ 2014-06-27 11:51 ` fweimer at redhat dot com
  3 siblings, 0 replies; 5+ messages in thread
From: fweimer at redhat dot com @ 2014-06-27 11:51 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=13303

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |security-



^ permalink raw reply	[flat|nested] 5+ messages in thread
