public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug stdio/20632] Buffer overflow in wchar IO (_IO_wfile_overflow)
[not found] <bug-20632-131@http.sourceware.org/bugzilla/>
@ 2021-08-27 4:30 ` infor at rudhar dot com
2021-08-28 18:19 ` infor at rudhar dot com
` (2 subsequent siblings)
3 siblings, 0 replies; 4+ messages in thread
From: infor at rudhar dot com @ 2021-08-27 4:30 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=20632
Ruud Harmsen <infor at rudhar dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |infor at rudhar dot com
--- Comment #2 from Ruud Harmsen <infor at rudhar dot com> ---
It crashes for me (with glibc 2.31) even if I comment out the line with the
malloc. It crashes already at one of the short writes.
Is it legal at all, to write to a stream of which you have close(2)'d the
fileno? Why would anyone do that?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug stdio/20632] Buffer overflow in wchar IO (_IO_wfile_overflow)
[not found] <bug-20632-131@http.sourceware.org/bugzilla/>
2021-08-27 4:30 ` [Bug stdio/20632] Buffer overflow in wchar IO (_IO_wfile_overflow) infor at rudhar dot com
@ 2021-08-28 18:19 ` infor at rudhar dot com
2021-10-21 6:48 ` bap.fayol at gmail dot com
2021-10-21 10:44 ` adhemerval.zanella at linaro dot org
3 siblings, 0 replies; 4+ messages in thread
From: infor at rudhar dot com @ 2021-08-28 18:19 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=20632
--- Comment #3 from Ruud Harmsen <infor at rudhar dot com> ---
I wonder why writing to stderr involves handling any buffers in the first
place. By default, stderr is unbuffered, that is, character buffered. So any
attempt to write a character, or even a byte, to stderr from the stdio level,
should immediately cause a write system call to file descriptor 2.
>From an extended version of the test program, which does more error checking, I
learnt that the first fputws returns -1 and sets errno to 9, Bad file
descriptor. That is correct because file desciptor 2 was closed. Subsequent
calls of fputws however do go through and return 1, as if the write succeeded.
For comparison, I ran the same program under FreeBSD 12.2, and there _all_ the
calls of fputws were rejected returning -1, and setting errno to "Bad file
descriptor". No crash happens there.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug stdio/20632] Buffer overflow in wchar IO (_IO_wfile_overflow)
[not found] <bug-20632-131@http.sourceware.org/bugzilla/>
2021-08-27 4:30 ` [Bug stdio/20632] Buffer overflow in wchar IO (_IO_wfile_overflow) infor at rudhar dot com
2021-08-28 18:19 ` infor at rudhar dot com
@ 2021-10-21 6:48 ` bap.fayol at gmail dot com
2021-10-21 10:44 ` adhemerval.zanella at linaro dot org
3 siblings, 0 replies; 4+ messages in thread
From: bap.fayol at gmail dot com @ 2021-10-21 6:48 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=20632
yaoltreza <bap.fayol at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |bap.fayol at gmail dot com
--- Comment #4 from yaoltreza <bap.fayol at gmail dot com> ---
thank you all for the tips.
https://www.depannage-auto-remorquage-bordeaux33.com
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug stdio/20632] Buffer overflow in wchar IO (_IO_wfile_overflow)
[not found] <bug-20632-131@http.sourceware.org/bugzilla/>
` (2 preceding siblings ...)
2021-10-21 6:48 ` bap.fayol at gmail dot com
@ 2021-10-21 10:44 ` adhemerval.zanella at linaro dot org
3 siblings, 0 replies; 4+ messages in thread
From: adhemerval.zanella at linaro dot org @ 2021-10-21 10:44 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=20632
Adhemerval Zanella <adhemerval.zanella at linaro dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |adhemerval.zanella at linaro dot o
| |rg
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-10-21 10:44 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <bug-20632-131@http.sourceware.org/bugzilla/>
2021-08-27 4:30 ` [Bug stdio/20632] Buffer overflow in wchar IO (_IO_wfile_overflow) infor at rudhar dot com
2021-08-28 18:19 ` infor at rudhar dot com
2021-10-21 6:48 ` bap.fayol at gmail dot com
2021-10-21 10:44 ` adhemerval.zanella at linaro dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).