From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oa1-x34.google.com (mail-oa1-x34.google.com [IPv6:2001:4860:4864:20::34]) by sourceware.org (Postfix) with ESMTPS id 002603858D28 for ; Mon, 3 Jul 2023 18:52:35 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 002603858D28 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org Received: by mail-oa1-x34.google.com with SMTP id 586e51a60fabf-1b06a46e1a9so4273381fac.2 for ; Mon, 03 Jul 2023 11:52:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1688410355; x=1691002355; h=content-transfer-encoding:in-reply-to:organization:from:references :cc:to:content-language:subject:user-agent:mime-version:date :message-id:from:to:cc:subject:date:message-id:reply-to; bh=w/fdCBuQFz1MZc2ybfV1TbtlovlECZabm4XZcu/lloA=; b=Mx7YgUPtTiQU9yRQdPx69gQ6+p3kscMEYoFitssqyAyZWyh+60BCo8DaWrRc8xdMaJ anCHN08nbYf1JiiP315jklHFqDU0T6LnTMaHDCnHLxRa1GWvw3EMCoHnvcHCI/aEFzy0 mKG6Zh63o+mOHn6nOv75K+18Fb6MOuzuNjQ+bwXUHtQlJZUWc1Rs4rsDc/KLiv8MZI2X S4LL9z4pbP6WNLdUN4i+xG5Sv7Cvu96CaELkUweJvvYe/eYxGbG/rqiRDwVJLDY2lthF P5aAx8qNGUCIkbP4CDgmQ4nFmYfiju2kIPx8HkvtZw1jf3XzCDezVpCLYh1cxSvo5tNV tNug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688410355; x=1691002355; h=content-transfer-encoding:in-reply-to:organization:from:references :cc:to:content-language:subject:user-agent:mime-version:date :message-id:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=w/fdCBuQFz1MZc2ybfV1TbtlovlECZabm4XZcu/lloA=; b=kqtTHgBBqwf5Fz0dXNare0+Ir+Oao8lW4FRpcby3rHgsx9dVdbRpyX2QklgoQjHKXC hqd1DAZ0JsAb8jl1/GDrBlgOrMgbaUq1UtUQFr2Bi/K0xzGP0aOhVn3/M/Ftm5OIe+r3 Oi+kLhYMjArKI/oW82+TDflrJHtFIepxu+OQwEsOoesihURgTsdVsNmEAiTphmzgbFqF /RrCGx8gTCfgRUjLAq6XpxHZ2dXaE8hmpUcfrpU80YQ4EZ18NN804AFxGZnfzhTfvJ1q 0efd8W/gO2fZgrZ/Fg4lLASsdQYneNyE5HF93RV1pk7GXCnLADLzWF00C9FhHoZZ+lTm Hz5Q== X-Gm-Message-State: ABy/qLYJdYWZcM0dGPO5K+HMLFS0aIrkKHrzfO9R8o4QmPAodt4mHaH9 +jBTB7ex++meit6iHkd5TB2EyA== X-Google-Smtp-Source: APBJJlHTIeEHE+1NpO4IZAKMTCwW6rnyKMrY7RYwfXBIo+H3arHZLuv4KovYQAthjC+S7lhFD3qKXA== X-Received: by 2002:a05:6870:799a:b0:1b0:6aec:8284 with SMTP id he26-20020a056870799a00b001b06aec8284mr11353006oab.49.1688410355356; Mon, 03 Jul 2023 11:52:35 -0700 (PDT) Received: from ?IPV6:2804:1b3:a7c3:665c:4c86:ac7d:d2ce:ef? ([2804:1b3:a7c3:665c:4c86:ac7d:d2ce:ef]) by smtp.gmail.com with ESMTPSA id pv2-20020a0568709d8200b001aa28348373sm12763182oab.23.2023.07.03.11.52.33 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 03 Jul 2023 11:52:34 -0700 (PDT) Message-ID: <00e74b31-0184-5362-9acb-654237636983@linaro.org> Date: Mon, 3 Jul 2023 15:52:32 -0300 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.12.0 Subject: Re: [PATCH] vfscanf-internal: Remove potentially unbounded allocas Content-Language: en-US To: Joe Simmons-Talbott Cc: libc-alpha@sourceware.org References: <20230703143829.2256518-1-adhemerval.zanella@linaro.org> <20230703181825.GU6392@oak> From: Adhemerval Zanella Netto Organization: Linaro In-Reply-To: <20230703181825.GU6392@oak> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-12.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,KAM_SHORT,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 03/07/23 15:18, Joe Simmons-Talbott wrote: > On Mon, Jul 03, 2023 at 11:38:29AM -0300, Adhemerval Zanella wrote: >> From: Joe Simmons-Talbott >> >> Some locales define a list of mapping pairs of alternate digits and >> separators for input digits (to_inpunct). This require the scanf >> to create a list of all possible inputs for the optional type >> modifier 'I'. >> >> Checked on x86_64-linux-gnu. >> --- >> stdio-common/Makefile | 3 ++ >> stdio-common/tst-scanf-to_inpunct.c | 78 ++++++++++++++++++++++++++++ >> stdio-common/vfscanf-internal.c | 40 ++++++++------- >> wcsmbs/Makefile | 3 ++ >> wcsmbs/tst-wscanf-to_inpunct.c | 79 +++++++++++++++++++++++++++++ >> 5 files changed, 186 insertions(+), 17 deletions(-) >> create mode 100644 stdio-common/tst-scanf-to_inpunct.c >> create mode 100644 wcsmbs/tst-wscanf-to_inpunct.c >> >> diff --git a/stdio-common/Makefile b/stdio-common/Makefile >> index 8871ec7668..f6d9017ff1 100644 >> --- a/stdio-common/Makefile >> +++ b/stdio-common/Makefile >> @@ -231,6 +231,7 @@ tests := \ >> tst-scanf-binary-gnu11 \ >> tst-scanf-binary-gnu89 \ >> tst-scanf-round \ >> + tst-scanf-to_inpunct \ >> tst-setvbuf1 \ >> tst-sprintf \ >> tst-sprintf-errno \ >> @@ -347,6 +348,7 @@ LOCALES := \ >> de_DE.ISO-8859-1 \ >> de_DE.UTF-8 \ >> en_US.ISO-8859-1 \ >> + fa_IR.UTF-8 \ >> hi_IN.UTF-8 \ >> ja_JP.EUC-JP \ >> ps_AF.UTF-8 \ >> @@ -366,6 +368,7 @@ $(objpfx)tst-swprintf.out: $(gen-locales) >> $(objpfx)tst-vfprintf-mbs-prec.out: $(gen-locales) >> $(objpfx)tst-vfprintf-width-i18n.out: $(gen-locales) >> $(objpfx)tst-grouping3.out: $(gen-locales) >> +$(objpfx)tst-scanf-to_inpunct.out: $(gen-locales) >> endif >> >> tst-printf-bz18872-ENV = MALLOC_TRACE=$(objpfx)tst-printf-bz18872.mtrace \ >> diff --git a/stdio-common/tst-scanf-to_inpunct.c b/stdio-common/tst-scanf-to_inpunct.c >> new file mode 100644 >> index 0000000000..32236ac2dc >> --- /dev/null >> +++ b/stdio-common/tst-scanf-to_inpunct.c >> @@ -0,0 +1,78 @@ >> +/* Test scanf for languages with mapping pairs of alternate digits and >> + separators. >> + Copyright (C) 2023 Free Software Foundation, Inc. >> + This file is part of the GNU C Library. >> + >> + The GNU C Library is free software; you can redistribute it and/or >> + modify it under the terms of the GNU Lesser General Public >> + License as published by the Free Software Foundation; either >> + version 2.1 of the License, or (at your option) any later version. >> + >> + The GNU C Library is distributed in the hope that it will be useful, >> + but WITHOUT ANY WARRANTY; without even the implied warranty of >> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU >> + Lesser General Public License for more details. >> + >> + You should have received a copy of the GNU Lesser General Public >> + License along with the GNU C Library; if not, see >> + . */ >> + >> +#include >> +#include >> +#include >> +#include >> + >> +/* fa_IR defines to_inpunct for numbers. */ >> +static const struct >> +{ >> + int n; >> + const char *str; >> +} inputs[] = >> +{ >> + { 1, "\xdb\xb1" }, >> + { 2, "\xdb\xb2" }, >> + { 3, "\xdb\xb3" }, >> + { 4, "\xdb\xb4" }, >> + { 5, "\xdb\xb5" }, >> + { 6, "\xdb\xb6" }, >> + { 7, "\xdb\xb7" }, >> + { 8, "\xdb\xb8" }, >> + { 9, "\xdb\xb9" }, >> + { 10, "\xdb\xb1\xdb\xb0" }, >> + { 11, "\xdb\xb1\xdb\xb1" }, >> + { 12, "\xdb\xb1\xdb\xb2" }, >> + { 13, "\xdb\xb1\xdb\xb3" }, >> + { 14, "\xdb\xb1\xdb\xb4" }, >> + { 15, "\xdb\xb1\xdb\xb5" }, >> + { 16, "\xdb\xb1\xdb\xb6" }, >> + { 17, "\xdb\xb1\xdb\xb7" }, >> + { 18, "\xdb\xb1\xdb\xb8" }, >> + { 19, "\xdb\xb1\xdb\xb9" }, >> + { 20, "\xdb\xb2\xdb\xb0" }, >> + { 30, "\xdb\xb3\xdb\xb0" }, >> + { 40, "\xdb\xb4\xdb\xb0" }, >> + { 50, "\xdb\xb5\xdb\xb0" }, >> + { 60, "\xdb\xb6\xdb\xb0" }, >> + { 70, "\xdb\xb7\xdb\xb0" }, >> + { 80, "\xdb\xb8\xdb\xb0" }, >> + { 90, "\xdb\xb9\xdb\xb0" }, >> + { 100, "\xdb\xb1\xdb\xb0\xdb\xb0" }, >> + { 1000, "\xdb\xb1\xdb\xb0\xdb\xb0\xdb\xb0" }, >> +}; >> + >> +static int >> +do_test (void) >> +{ >> + xsetlocale (LC_ALL, "fa_IR.UTF-8"); >> + >> + for (int i = 0; i < array_length (inputs); i++) >> + { >> + int n; >> + sscanf (inputs[i].str, "%Id", &n); >> + TEST_COMPARE (n, inputs[i].n); >> + } >> + >> + return 0; >> +} >> + >> +#include >> diff --git a/stdio-common/vfscanf-internal.c b/stdio-common/vfscanf-internal.c >> index bfb9baa21a..ba4b289de6 100644 >> --- a/stdio-common/vfscanf-internal.c >> +++ b/stdio-common/vfscanf-internal.c >> @@ -1455,13 +1455,14 @@ __vfscanf_internal (FILE *s, const char *format, va_list argptr, >> int from_level; >> int to_level; >> int level; >> + enum { num_digits_len = 10 }; >> #ifdef COMPILE_WSCANF >> - const wchar_t *wcdigits[10]; >> - const wchar_t *wcdigits_extended[10]; >> + const wchar_t *wcdigits[num_digits_len]; >> #else >> - const char *mbdigits[10]; >> - const char *mbdigits_extended[10]; >> + const char *mbdigits[num_digits_len]; >> #endif >> + CHAR_T *digits_extended[num_digits_len] = { NULL }; >> + >> /* "to_inpunct" is a map from ASCII digits to their >> equivalent in locale. This is defined for locales >> which use an extra digits set. */ >> @@ -1482,18 +1483,18 @@ __vfscanf_internal (FILE *s, const char *format, va_list argptr, >> /* Adding new level for extra digits set in locale file. */ >> ++to_level; >> >> - for (n = 0; n < 10; ++n) >> + for (n = 0; n < num_digits_len; ++n) >> { >> #ifdef COMPILE_WSCANF >> wcdigits[n] = (const wchar_t *) >> _NL_CURRENT (LC_CTYPE, _NL_CTYPE_INDIGITS0_WC + n); >> >> wchar_t *wc_extended = (wchar_t *) >> - alloca ((to_level + 2) * sizeof (wchar_t)); >> + malloc ((to_level + 2) * sizeof (wchar_t)); > > Don't we need to handle the case where malloc might fail here? Indeed, I will update the patch.