* [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931] @ 2016-04-11 15:18 Florian Weimer 2016-04-11 15:52 ` Paul Eggert 0 siblings, 1 reply; 7+ messages in thread From: Florian Weimer @ 2016-04-11 15:18 UTC (permalink / raw) To: GNU C Library [-- Attachment #1: Type: text/plain, Size: 389 bytes --] Free a previously allocated work buffer if it is not large enough. I do not use realloc because the buffer contents does not need preserving. Test case using mtrace is included. Compared to the bug report, I increased the buffer size and also added a test for wide streams. As far as I can tell, this is not a recent regression, it's unrelated to the extend_alloca removal. Florian [-- Attachment #2: 0001-vfprintf-Fix-memory-with-large-width-and-precision-B.patch --] [-- Type: text/x-patch, Size: 4873 bytes --] 2016-04-11 Florian Weimer <fweimer@redhat.com> [BZ #19931] * stdio-common/tst-vfprintf-width-prec.c: New file. * stdio-common/Makefile (tests): Add tst-vfprintf-width-prec. (tests-special): Add tst-vfprintf-width-prec-mem.out. (generated): Add mtrace-related files. (tst-vfprintf-width-prec-ENV): Set MALLOC_TRACE. (tst-%-mem.out): New pattern rule, replaces tst-printf-bz18872-mem.out. * stdio-common/vfprintf.c (vfprintf): When handling a precision specifier, deallocate any previously allocated work buffer. diff --git a/stdio-common/Makefile b/stdio-common/Makefile index cc79d34..6c597c1 100644 --- a/stdio-common/Makefile +++ b/stdio-common/Makefile 
@@ -58,16 +58,18 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \ scanf16 scanf17 tst-setvbuf1 tst-grouping bug23 bug24 \ bug-vfprintf-nargs tst-long-dbl-fphex tst-fphex-wide tst-sprintf3 \ bug25 tst-printf-round bug23-2 bug23-3 bug23-4 bug26 tst-fmemopen3 \ - tst-printf-bz18872 + tst-printf-bz18872 tst-vfprintf-width-prec test-srcs = tst-unbputc tst-printf ifeq ($(run-built-tests),yes) tests-special += $(objpfx)tst-unbputc.out $(objpfx)tst-printf.out \ $(objpfx)tst-printf-bz18872-mem.out \ - $(objpfx)tst-setvbuf1-cmp.out + $(objpfx)tst-setvbuf1-cmp.out \ + $(objpfx)tst-vfprintf-width-prec-mem.out generated += tst-printf-bz18872.c tst-printf-bz18872.mtrace \ - tst-printf-bz18872-mem.out + tst-printf-bz18872-mem.out \ + tst-vfprintf-width-prec.mtrace tst-vfprintf-width-prec-mem.out endif include ../Rules @@ -86,6 +88,8 @@ $(objpfx)tst-swprintf.out: $(gen-locales) endif tst-printf-bz18872-ENV = MALLOC_TRACE=$(objpfx)tst-printf-bz18872.mtrace +tst-vfprintf-width-prec-ENV = \ + MALLOC_TRACE=$(objpfx)tst-vfprintf-width-prec.mtrace $(objpfx)tst-unbputc.out: tst-unbputc.sh $(objpfx)tst-unbputc $(SHELL) $< $(common-objpfx) '$(test-program-prefix)'; \ @@ -100,8 +104,8 @@ $(objpfx)tst-printf.out: tst-printf.sh $(objpfx)tst-printf $(objpfx)tst-printf-bz18872.c: tst-printf-bz18872.sh rm -f $@ && $(BASH) $^ > $@.new && mv $@.new $@ -$(objpfx)tst-printf-bz18872-mem.out: $(objpfx)tst-printf-bz18872.out - $(common-objpfx)malloc/mtrace $(objpfx)tst-printf-bz18872.mtrace > $@; \ +$(objpfx)tst-%-mem.out: $(objpfx)tst-%.out + $(common-objpfx)malloc/mtrace $(objpfx)tst-$*.mtrace > $@; \ $(evaluate-test) CFLAGS-vfprintf.c = -Wno-uninitialized diff --git a/stdio-common/tst-vfprintf-width-prec.c b/stdio-common/tst-vfprintf-width-prec.c new file mode 100644 index 0000000..c2455e0 --- /dev/null +++ b/stdio-common/tst-vfprintf-width-prec.c 
@@ -0,0 +1,58 @@
+/* Test for memory leak with large width and precision.
+ Copyright (C) 1991-2016 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <mcheck.h>
+#include <stdio.h>
+#include <wchar.h>
+
+static int
+do_test (void)
+{
+ mtrace ();
+ int ret;
+ {
+ char *result;
+ ret = asprintf (&result, "%133000.133001x", 17);
+ if (ret < 0)
+ {
+ printf ("error: asprintf: %m\n");
+ return 1;
+ }
+ free (result);
+ }
+ {
+ wchar_t *result = calloc (ret + 1, sizeof (wchar_t));
+ if (result == NULL)
+ {
+ printf ("error: calloc (%d, %zu): %m", ret + 1, sizeof (wchar_t));
+ return 1;
+ }
+
+ ret = swprintf (result, ret + 1, L"%133000.133001x", 17);
+ if (ret < 0)
+ {
+ printf ("error: swprintf: %d (%m)\n", ret);
+ return 1;
+ }
+ free (result);
+ }
+ return 0;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c
index 6829d4d..25308c4 100644
--- a/stdio-common/vfprintf.c
+++ b/stdio-common/vfprintf.c
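Review bot: The calloc failure message in do_test, `printf ("error: calloc (%d, %zu): %m", ret + 1, sizeof (wchar_t));`, is the only error message in the file without a trailing `\n`, so it would run into whatever is printed next; I would end the format with `%m\n`. The file also calls `free` and `calloc` while including only <mcheck.h>, <stdio.h> and <wchar.h> ahead of their use (test-skeleton.c is included last), so unless one of those headers happens to declare them, `#include <stdlib.h>` belongs in the include list. Both points carry over unchanged to the two later postings of this test in the thread.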
@@ -1564,6 +1564,13 @@ vfprintf (FILE *s, const CHAR_T *format, va_list ap)
 prec = 0;
 if (prec > width && prec > WORK_BUFFER_SIZE - 32)
 {
+ /* Deallocate any previously allocated buffer because it is
+ too small. */
+ if (workstart != NULL)
+ {
+ free (workstart);
+ workstart = NULL;
+ }
 if (__glibc_unlikely (prec >= INT_MAX / sizeof (CHAR_T) - 32))
 {
 __set_errno (EOVERFLOW);
^ permalink raw reply [flat|nested] 7+ messages in thread
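Review bot: The added comment documents the free but not the `workstart = NULL;` that goes with it, and that reset is the part that matters for memory safety. The overflow branch that begins at the end of this hunk can leave the function after the buffer has been released; if the common exit path frees a non-NULL workstart (not visible here, the function continues outside the hunk), a stale pointer would be freed a second time. I would word the comment as `/* Deallocate any previously allocated buffer because it is too small, and clear the pointer so that no later exit path frees it again.  */`. The same wording fits the final posting of this hunk as well.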
* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931] 2016-04-11 15:18 [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931] Florian Weimer @ 2016-04-11 15:52 ` Paul Eggert 2016-04-11 16:02 ` Florian Weimer 2016-04-14 12:23 ` Florian Weimer 0 siblings, 2 replies; 7+ messages in thread From: Paul Eggert @ 2016-04-11 15:52 UTC (permalink / raw) To: Florian Weimer, GNU C Library On 04/11/2016 08:18 AM, Florian Weimer wrote: > + /* Deallocate any previously allocated buffer because it is > + too small. */ > + if (workstart != NULL) > + { > + free (workstart); > + workstart = NULL; > + } Other places in that function use this code instead: if (__glibc_unlikely (workstart != NULL)) free (workstart); workstart = NULL; Is there some reason to do things differently here? ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931] 2016-04-11 15:52 ` Paul Eggert @ 2016-04-11 16:02 ` Florian Weimer 2016-04-14 12:23 ` Florian Weimer 1 sibling, 0 replies; 7+ messages in thread From: Florian Weimer @ 2016-04-11 16:02 UTC (permalink / raw) To: Paul Eggert; +Cc: GNU C Library On 04/11/2016 05:52 PM, Paul Eggert wrote: > On 04/11/2016 08:18 AM, Florian Weimer wrote: >> + /* Deallocate any previously allocated buffer because it is >> + too small. */ >> + if (workstart != NULL) >> + { >> + free (workstart); >> + workstart = NULL; >> + } > > Other places in that function use this code instead: > > if (__glibc_unlikely (workstart != NULL)) > free (workstart); > workstart = NULL; > > Is there some reason to do things differently here? I can add the __glibc_unlikely, it's one of the few cases where it is unlikely to hurt. (The branch is only taken if the memory leak is about to happen, so I assume it's quite rare indeed, but I don't know for sure.) Regarding the braces, both variants already exist in this file. I don't have a firm preference. I find the one with the braces more logical. Florian ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931] 2016-04-11 15:52 ` Paul Eggert 2016-04-11 16:02 ` Florian Weimer @ 2016-04-14 12:23 ` Florian Weimer 2016-04-14 16:17 ` Paul Eggert 1 sibling, 1 reply; 7+ messages in thread From: Florian Weimer @ 2016-04-14 12:23 UTC (permalink / raw) To: eggert; +Cc: libc-alpha [-- Attachment #1: Type: text/plain, Size: 565 bytes --] On 04/11/2016 05:52 PM, Paul Eggert wrote: > On 04/11/2016 08:18 AM, Florian Weimer wrote: >> + /* Deallocate any previously allocated buffer because it is >> + too small. */ >> + if (workstart != NULL) >> + { >> + free (workstart); >> + workstart = NULL; >> + } > > Other places in that function use this code instead: > > if (__glibc_unlikely (workstart != NULL)) > free (workstart); > workstart = NULL; > > Is there some reason to do things differently here? Here's an updated patch. Florian [-- Attachment #2: 0001-vfprintf-Fix-memory-with-large-width-and-precision-B.patch --] [-- Type: text/x-patch, Size: 4848 bytes --] 2016-04-14 Florian Weimer <fweimer@redhat.com> [BZ #19931] * stdio-common/tst-vfprintf-width-prec.c: New file. * stdio-common/Makefile (tests): Add tst-vfprintf-width-prec. (tests-special): Add tst-vfprintf-width-prec-mem.out. (generated): Add mtrace-related files. (tst-vfprintf-width-prec-ENV): Set MALLOC_TRACE. (tst-%-mem.out): New pattern rule, replaces tst-printf-bz18872-mem.out. * stdio-common/vfprintf.c (vfprintf): When handling a precision specifier, deallocate any previously allocated work buffer. diff --git a/stdio-common/Makefile b/stdio-common/Makefile index cc79d34..6c597c1 100644 --- a/stdio-common/Makefile +++ b/stdio-common/Makefile 
@@ -58,16 +58,18 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \ scanf16 scanf17 tst-setvbuf1 tst-grouping bug23 bug24 \ bug-vfprintf-nargs tst-long-dbl-fphex tst-fphex-wide tst-sprintf3 \ bug25 tst-printf-round bug23-2 bug23-3 bug23-4 bug26 tst-fmemopen3 \ - tst-printf-bz18872 + tst-printf-bz18872 tst-vfprintf-width-prec test-srcs = tst-unbputc tst-printf ifeq ($(run-built-tests),yes) tests-special += $(objpfx)tst-unbputc.out $(objpfx)tst-printf.out \ $(objpfx)tst-printf-bz18872-mem.out \ - $(objpfx)tst-setvbuf1-cmp.out + $(objpfx)tst-setvbuf1-cmp.out \ + $(objpfx)tst-vfprintf-width-prec-mem.out generated += tst-printf-bz18872.c tst-printf-bz18872.mtrace \ - tst-printf-bz18872-mem.out + tst-printf-bz18872-mem.out \ + tst-vfprintf-width-prec.mtrace tst-vfprintf-width-prec-mem.out endif include ../Rules @@ -86,6 +88,8 @@ $(objpfx)tst-swprintf.out: $(gen-locales) endif tst-printf-bz18872-ENV = MALLOC_TRACE=$(objpfx)tst-printf-bz18872.mtrace +tst-vfprintf-width-prec-ENV = \ + MALLOC_TRACE=$(objpfx)tst-vfprintf-width-prec.mtrace $(objpfx)tst-unbputc.out: tst-unbputc.sh $(objpfx)tst-unbputc $(SHELL) $< $(common-objpfx) '$(test-program-prefix)'; \ @@ -100,8 +104,8 @@ $(objpfx)tst-printf.out: tst-printf.sh $(objpfx)tst-printf $(objpfx)tst-printf-bz18872.c: tst-printf-bz18872.sh rm -f $@ && $(BASH) $^ > $@.new && mv $@.new $@ -$(objpfx)tst-printf-bz18872-mem.out: $(objpfx)tst-printf-bz18872.out - $(common-objpfx)malloc/mtrace $(objpfx)tst-printf-bz18872.mtrace > $@; \ +$(objpfx)tst-%-mem.out: $(objpfx)tst-%.out + $(common-objpfx)malloc/mtrace $(objpfx)tst-$*.mtrace > $@; \ $(evaluate-test) CFLAGS-vfprintf.c = -Wno-uninitialized diff --git a/stdio-common/tst-vfprintf-width-prec.c b/stdio-common/tst-vfprintf-width-prec.c new file mode 100644 index 0000000..c2455e0 --- /dev/null +++ b/stdio-common/tst-vfprintf-width-prec.c 
@@ -0,0 +1,58 @@
+/* Test for memory leak with large width and precision.
+ Copyright (C) 1991-2016 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <mcheck.h>
+#include <stdio.h>
+#include <wchar.h>
+
+static int
+do_test (void)
+{
+ mtrace ();
+ int ret;
+ {
+ char *result;
+ ret = asprintf (&result, "%133000.133001x", 17);
+ if (ret < 0)
+ {
+ printf ("error: asprintf: %m\n");
+ return 1;
+ }
+ free (result);
+ }
+ {
+ wchar_t *result = calloc (ret + 1, sizeof (wchar_t));
+ if (result == NULL)
+ {
+ printf ("error: calloc (%d, %zu): %m", ret + 1, sizeof (wchar_t));
+ return 1;
+ }
+
+ ret = swprintf (result, ret + 1, L"%133000.133001x", 17);
+ if (ret < 0)
+ {
+ printf ("error: swprintf: %d (%m)\n", ret);
+ return 1;
+ }
+ free (result);
+ }
+ return 0;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c
index 6829d4d..4a2aab1 100644
--- a/stdio-common/vfprintf.c
+++ b/stdio-common/vfprintf.c
@@ -1564,6 +1564,10 @@ vfprintf (FILE *s, const CHAR_T *format, va_list ap)
 prec = 0;
 if (prec > width && prec > WORK_BUFFER_SIZE - 32)
 {
+ /* Deallocate any previously allocated buffer because it is
+ too small. */
+ if (__glibc_unlikely (workstart != NULL))
+ free (workstart);
 if (__glibc_unlikely (prec >= INT_MAX / sizeof (CHAR_T) - 32))
 {
 __set_errno (EOVERFLOW);
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931] 2016-04-14 12:23 ` Florian Weimer @ 2016-04-14 16:17 ` Paul Eggert 2016-04-15 12:02 ` Florian Weimer 0 siblings, 1 reply; 7+ messages in thread From: Paul Eggert @ 2016-04-14 16:17 UTC (permalink / raw) To: Florian Weimer; +Cc: libc-alpha On 04/14/2016 05:22 AM, Florian Weimer wrote: > + /* Deallocate any previously allocated buffer because it is > + too small. */ > + if (__glibc_unlikely (workstart != NULL)) > + free (workstart); > if (__glibc_unlikely (prec >= INT_MAX / sizeof (CHAR_T) - 32)) Why don't we need a 'workstart = NULL' after freeing workstart, which is the pattern used elsewhere? If it's not needed here, it'd be helpful to have a comment saying why not. ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931] 2016-04-14 16:17 ` Paul Eggert @ 2016-04-15 12:02 ` Florian Weimer 2016-04-15 19:38 ` Paul Eggert 0 siblings, 1 reply; 7+ messages in thread From: Florian Weimer @ 2016-04-15 12:02 UTC (permalink / raw) To: Paul Eggert; +Cc: libc-alpha [-- Attachment #1: Type: text/plain, Size: 628 bytes --] On 04/14/2016 06:17 PM, Paul Eggert wrote: > On 04/14/2016 05:22 AM, Florian Weimer wrote: >> + /* Deallocate any previously allocated buffer because it is >> + too small. */ >> + if (__glibc_unlikely (workstart != NULL)) >> + free (workstart); >> if (__glibc_unlikely (prec >= INT_MAX / sizeof (CHAR_T) - 32)) > > Why don't we need a 'workstart = NULL' after freeing workstart, which is > the pattern used elsewhere? If it's not needed here, it'd be helpful to > have a comment saying why not. Ugh, right. I swear it was there at some point. I've enhanced the test to catch this. Florian [-- Attachment #2: 0001-vfprintf-Fix-memory-with-large-width-and-precision-B.patch --] [-- Type: text/x-patch, Size: 6051 bytes --] 2016-04-15 Florian Weimer <fweimer@redhat.com> [BZ #19931] * stdio-common/tst-vfprintf-width-prec.c: New file. * stdio-common/Makefile (tests): Add tst-vfprintf-width-prec. (tests-special): Add tst-vfprintf-width-prec-mem.out. (generated): Add mtrace-related files. (tst-vfprintf-width-prec-ENV): Set MALLOC_TRACE. (tst-%-mem.out): New pattern rule, replaces tst-printf-bz18872-mem.out. * stdio-common/vfprintf.c (vfprintf): When handling a precision specifier, deallocate any previously allocated work buffer. diff --git a/stdio-common/Makefile b/stdio-common/Makefile index cc79d34..6c597c1 100644 --- a/stdio-common/Makefile +++ b/stdio-common/Makefile 
@@ -58,16 +58,18 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \ scanf16 scanf17 tst-setvbuf1 tst-grouping bug23 bug24 \ bug-vfprintf-nargs tst-long-dbl-fphex tst-fphex-wide tst-sprintf3 \ bug25 tst-printf-round bug23-2 bug23-3 bug23-4 bug26 tst-fmemopen3 \ - tst-printf-bz18872 + tst-printf-bz18872 tst-vfprintf-width-prec test-srcs = tst-unbputc tst-printf ifeq ($(run-built-tests),yes) tests-special += $(objpfx)tst-unbputc.out $(objpfx)tst-printf.out \ $(objpfx)tst-printf-bz18872-mem.out \ - $(objpfx)tst-setvbuf1-cmp.out + $(objpfx)tst-setvbuf1-cmp.out \ + $(objpfx)tst-vfprintf-width-prec-mem.out generated += tst-printf-bz18872.c tst-printf-bz18872.mtrace \ - tst-printf-bz18872-mem.out + tst-printf-bz18872-mem.out \ + tst-vfprintf-width-prec.mtrace tst-vfprintf-width-prec-mem.out endif include ../Rules @@ -86,6 +88,8 @@ $(objpfx)tst-swprintf.out: $(gen-locales) endif tst-printf-bz18872-ENV = MALLOC_TRACE=$(objpfx)tst-printf-bz18872.mtrace +tst-vfprintf-width-prec-ENV = \ + MALLOC_TRACE=$(objpfx)tst-vfprintf-width-prec.mtrace $(objpfx)tst-unbputc.out: tst-unbputc.sh $(objpfx)tst-unbputc $(SHELL) $< $(common-objpfx) '$(test-program-prefix)'; \ @@ -100,8 +104,8 @@ $(objpfx)tst-printf.out: tst-printf.sh $(objpfx)tst-printf $(objpfx)tst-printf-bz18872.c: tst-printf-bz18872.sh rm -f $@ && $(BASH) $^ > $@.new && mv $@.new $@ -$(objpfx)tst-printf-bz18872-mem.out: $(objpfx)tst-printf-bz18872.out - $(common-objpfx)malloc/mtrace $(objpfx)tst-printf-bz18872.mtrace > $@; \ +$(objpfx)tst-%-mem.out: $(objpfx)tst-%.out + $(common-objpfx)malloc/mtrace $(objpfx)tst-$*.mtrace > $@; \ $(evaluate-test) CFLAGS-vfprintf.c = -Wno-uninitialized diff --git a/stdio-common/tst-vfprintf-width-prec.c b/stdio-common/tst-vfprintf-width-prec.c new file mode 100644 index 0000000..2892741 --- /dev/null +++ b/stdio-common/tst-vfprintf-width-prec.c 
@@ -0,0 +1,107 @@
+/* Test for memory leak with large width and precision.
+ Copyright (C) 1991-2016 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <mcheck.h>
+#include <stdio.h>
+#include <sys/resource.h>
+#include <wchar.h>
+
+static int
+do_test (void)
+{
+ mtrace ();
+
+ int ret;
+ {
+ char *result;
+ ret = asprintf (&result, "%133000.133001x", 17);
+ if (ret < 0)
+ {
+ printf ("error: asprintf: %m\n");
+ return 1;
+ }
+ free (result);
+ }
+ {
+ wchar_t *result = calloc (ret + 1, sizeof (wchar_t));
+ if (result == NULL)
+ {
+ printf ("error: calloc (%d, %zu): %m", ret + 1, sizeof (wchar_t));
+ return 1;
+ }
+
+ ret = swprintf (result, ret + 1, L"%133000.133001x", 17);
+ if (ret < 0)
+ {
+ printf ("error: swprintf: %d (%m)\n", ret);
+ return 1;
+ }
+ free (result);
+ }
+
+ /* Limit the size of the process, so that the second allocation will
+ fail.
*/
+ {
+ struct rlimit limit;
+ if (getrlimit (RLIMIT_AS, &limit) != 0)
+ {
+ printf ("getrlimit (RLIMIT_AS) failed: %m\n");
+ return 1;
+ }
+ long target = 200 * 1024 * 1024;
+ if (limit.rlim_cur == RLIM_INFINITY || limit.rlim_cur > target)
+ {
+ limit.rlim_cur = target;
+ if (setrlimit (RLIMIT_AS, &limit) != 0)
+ {
+ printf ("setrlimit (RLIMIT_AS) failed: %m\n");
+ return 1;
+ }
+ }
+ }
+
+ {
+ char *result;
+ ret = asprintf (&result, "%133000.999999999x", 17);
+ if (ret >= 0)
+ {
+ printf ("error: asprintf: incorrect result %d\n", ret);
+ return 1;
+ }
+ }
+ {
+ wchar_t result[100];
+ if (result == NULL)
+ {
+ printf ("error: calloc (%d, %zu): %m", ret + 1, sizeof (wchar_t));
+ return 1;
+ }
+
+ ret = swprintf (result, 100, L"%133000.999999999x", 17);
+ if (ret >= 0)
+ {
+ printf ("error: swprintf: incorrect result %d\n", ret);
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c
index 6829d4d..f24020a 100644
--- a/stdio-common/vfprintf.c
+++ b/stdio-common/vfprintf.c
@@ -1564,6 +1564,11 @@ vfprintf (FILE *s, const CHAR_T *format, va_list ap)
 prec = 0;
 if (prec > width && prec > WORK_BUFFER_SIZE - 32)
 {
+ /* Deallocate any previously allocated buffer because it is
+ too small. */
+ if (__glibc_unlikely (workstart != NULL))
+ free (workstart);
+ workstart = NULL;
 if (__glibc_unlikely (prec >= INT_MAX / sizeof (CHAR_T) - 32))
 {
 __set_errno (EOVERFLOW);
^ permalink raw reply [flat|nested] 7+ messages in thread
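Review bot: In the last block of do_test, `wchar_t result[100];` declares an array, so the `if (result == NULL)` that follows can never be true and its `calloc` message is left over from the earlier heap-allocated block; the check and the message should be removed. The two negative cases accept any negative return value; checking `errno` as well (presumably ENOMEM or EOVERFLOW, depending on which limit is reached first) would tie the failure to the allocation path under test instead of to an unrelated error. Because setrlimit lowers RLIMIT_AS for the rest of the process, a short comment that these cases must remain the last ones in do_test would help future additions.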
* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931] 2016-04-15 12:02 ` Florian Weimer @ 2016-04-15 19:38 ` Paul Eggert 0 siblings, 0 replies; 7+ messages in thread From: Paul Eggert @ 2016-04-15 19:38 UTC (permalink / raw) To: Florian Weimer; +Cc: libc-alpha On 04/15/2016 05:01 AM, Florian Weimer wrote: > Ugh, right. I swear it was there at some point. I've enhanced the > test to catch this. Thanks, this looks good to me. ^ permalink raw reply [flat|nested] 7+ messages in thread