* [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931]
@ 2016-04-11 15:18 Florian Weimer
  2016-04-11 15:52 ` Paul Eggert
  0 siblings, 1 reply; 7+ messages in thread
From: Florian Weimer @ 2016-04-11 15:18 UTC (permalink / raw)
  To: GNU C Library

[-- Attachment #1: Type: text/plain, Size: 389 bytes --]

Free a previously allocated work buffer if it is not large enough.

I do not use realloc because the buffer contents do not need preserving.

Test case using mtrace is included.  Compared to the bug report, I 
increased the buffer size and also added a test for wide streams.

As far as I can tell, this is not a recent regression, it's unrelated to 
the extend_alloca removal.

Florian

[-- Attachment #2: 0001-vfprintf-Fix-memory-with-large-width-and-precision-B.patch --]
[-- Type: text/x-patch, Size: 4873 bytes --]

2016-04-11  Florian Weimer  <fweimer@redhat.com>

	[BZ #19931]
	* stdio-common/tst-vfprintf-width-prec.c: New file.
	* stdio-common/Makefile (tests): Add tst-vfprintf-width-prec.
	(tests-special): Add tst-vfprintf-width-prec-mem.out.
	(generated): Add mtrace-related files.
	(tst-vfprintf-width-prec-ENV): Set MALLOC_TRACE.
	(tst-%-mem.out): New pattern rule, replaces
	tst-printf-bz18872-mem.out.
	* stdio-common/vfprintf.c (vfprintf): When handling a precision
	specifier, deallocate any previously allocated work buffer.

diff --git a/stdio-common/Makefile b/stdio-common/Makefile
index cc79d34..6c597c1 100644
--- a/stdio-common/Makefile
+++ b/stdio-common/Makefile
@@ -58,16 +58,18 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \
 	 scanf16 scanf17 tst-setvbuf1 tst-grouping bug23 bug24 \
 	 bug-vfprintf-nargs tst-long-dbl-fphex tst-fphex-wide tst-sprintf3 \
 	 bug25 tst-printf-round bug23-2 bug23-3 bug23-4 bug26 tst-fmemopen3 \
-	 tst-printf-bz18872
+	 tst-printf-bz18872 tst-vfprintf-width-prec
 
 test-srcs = tst-unbputc tst-printf
 
 ifeq ($(run-built-tests),yes)
 tests-special += $(objpfx)tst-unbputc.out $(objpfx)tst-printf.out \
 		 $(objpfx)tst-printf-bz18872-mem.out \
-		 $(objpfx)tst-setvbuf1-cmp.out
+		 $(objpfx)tst-setvbuf1-cmp.out \
+		 $(objpfx)tst-vfprintf-width-prec-mem.out
 generated += tst-printf-bz18872.c tst-printf-bz18872.mtrace \
-	     tst-printf-bz18872-mem.out
+	     tst-printf-bz18872-mem.out \
+	     tst-vfprintf-width-prec.mtrace tst-vfprintf-width-prec-mem.out
 endif
 
 include ../Rules
@@ -86,6 +88,8 @@ $(objpfx)tst-swprintf.out: $(gen-locales)
 endif
 
 tst-printf-bz18872-ENV = MALLOC_TRACE=$(objpfx)tst-printf-bz18872.mtrace
+tst-vfprintf-width-prec-ENV = \
+  MALLOC_TRACE=$(objpfx)tst-vfprintf-width-prec.mtrace
 
 $(objpfx)tst-unbputc.out: tst-unbputc.sh $(objpfx)tst-unbputc
 	$(SHELL) $< $(common-objpfx) '$(test-program-prefix)'; \
@@ -100,8 +104,8 @@ $(objpfx)tst-printf.out: tst-printf.sh $(objpfx)tst-printf
 $(objpfx)tst-printf-bz18872.c: tst-printf-bz18872.sh
 	rm -f $@ && $(BASH) $^ > $@.new && mv $@.new $@
 
-$(objpfx)tst-printf-bz18872-mem.out: $(objpfx)tst-printf-bz18872.out
-	$(common-objpfx)malloc/mtrace $(objpfx)tst-printf-bz18872.mtrace > $@; \
+$(objpfx)tst-%-mem.out: $(objpfx)tst-%.out
+	$(common-objpfx)malloc/mtrace $(objpfx)tst-$*.mtrace > $@; \
 	$(evaluate-test)
 
 CFLAGS-vfprintf.c = -Wno-uninitialized
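Review bot: The pattern rule `$(objpfx)tst-%-mem.out: $(objpfx)tst-%.out` now matches any `tst-*-mem.out` listed in tests-special, but it silently depends on two things the rule itself does not express: a matching `tst-%-ENV = MALLOC_TRACE=$(objpfx)tst-%.mtrace` line and the test program calling `mtrace ()`. Without the ENV line, `malloc/mtrace` is run on a trace file that was never written, and the failure mode is an opaque mtrace error rather than a clear message. A comment above the rule would keep the next test author from hitting that: `# tst-FOO-mem.out checks the MALLOC_TRACE output of tst-FOO; the test must set tst-FOO-ENV = MALLOC_TRACE=$(objpfx)tst-FOO.mtrace and call mtrace ().` Both users visible in this patch (tst-printf-bz18872 and tst-vfprintf-width-prec) follow that convention.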
diff --git a/stdio-common/tst-vfprintf-width-prec.c b/stdio-common/tst-vfprintf-width-prec.c
new file mode 100644
index 0000000..c2455e0
--- /dev/null
+++ b/stdio-common/tst-vfprintf-width-prec.c
@@ -0,0 +1,58 @@
+/* Test for memory leak with large width and precision.
+   Copyright (C) 1991-2016 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+#include <mcheck.h>
+#include <stdio.h>
+#include <wchar.h>
+
+static int
+do_test (void)
+{
+  mtrace ();
+  int ret;
+  {
+    char *result;
+    ret = asprintf (&result, "%133000.133001x", 17);
+    if (ret < 0)
+      {
+        printf ("error: asprintf: %m\n");
+        return 1;
+      }
+    free (result);
+  }
+  {
+    wchar_t *result = calloc (ret + 1, sizeof (wchar_t));
+    if (result == NULL)
+      {
+        printf ("error: calloc (%d, %zu): %m", ret + 1, sizeof (wchar_t));
+        return 1;
+      }
+
+    ret = swprintf (result, ret + 1, L"%133000.133001x", 17);
+    if (ret < 0)
+      {
+        printf ("error: swprintf: %d (%m)\n", ret);
+        return 1;
+      }
+    free (result);
+  }
+  return 0;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
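Review bot: `calloc (ret + 1, sizeof (wchar_t))` and the two `free (result);` calls are used, but none of the three included headers (`<mcheck.h>`, `<stdio.h>`, `<wchar.h>`) is the one that declares them, so the test appears to rely on an implicit declaration unless one of those headers pulls in `<stdlib.h>` transitively; add `#include <stdlib.h>` explicitly. The calloc diagnostic `printf ("error: calloc (%d, %zu): %m", ...)` also lacks the trailing `\n` the other error messages have. Since nothing in `do_test` asserts anything about leaks, a one-line comment above `mtrace ();` saying that the pass/fail verdict comes from the separate `-mem.out` check of the MALLOC_TRACE output would help a reader who wonders where the check is.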
diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c
index 6829d4d..25308c4 100644
--- a/stdio-common/vfprintf.c
+++ b/stdio-common/vfprintf.c
@@ -1564,6 +1564,13 @@ vfprintf (FILE *s, const CHAR_T *format, va_list ap)
 	prec = 0;
       if (prec > width && prec > WORK_BUFFER_SIZE - 32)
 	{
+	  /* Deallocate any previously allocated buffer because it is
+	     too small.  */
+	  if (workstart != NULL)
+	    {
+	      free (workstart);
+	      workstart = NULL;
+	    }
 	  if (__glibc_unlikely (prec >= INT_MAX / sizeof (CHAR_T) - 32))
 	    {
 	      __set_errno (EOVERFLOW);
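Review bot: The free sits deliberately before the `prec >= INT_MAX / sizeof (CHAR_T) - 32` check, and that ordering, together with the `workstart = NULL` reset, is what keeps the EOVERFLOW exit from seeing a stale pointer, but the comment only says the buffer is too small. I'd extend it so a later reshuffle does not undo the ordering: `/* Free and reset before the overflow check below: the error exit releases workstart, so it must not be left dangling here.  */`. That the error exit frees `workstart` is inferred from the free/NULL idiom used elsewhere in the function, not visible in this hunk, so confirm it against the `all_done` path before relying on the wording.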


* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931]
  2016-04-11 15:18 [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931] Florian Weimer
@ 2016-04-11 15:52 ` Paul Eggert
  2016-04-11 16:02   ` Florian Weimer
  2016-04-14 12:23   ` Florian Weimer
  0 siblings, 2 replies; 7+ messages in thread
From: Paul Eggert @ 2016-04-11 15:52 UTC (permalink / raw)
  To: Florian Weimer, GNU C Library

On 04/11/2016 08:18 AM, Florian Weimer wrote:
> +	  /* Deallocate any previously allocated buffer because it is
> +	     too small.  */
> +	  if (workstart != NULL)
> +	    {
> +	      free (workstart);
> +	      workstart = NULL;
> +	    }

Other places in that function use this code instead:

     if (__glibc_unlikely (workstart != NULL))
       free (workstart);
     workstart = NULL;

Is there some reason to do things differently here?


* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931]
  2016-04-11 15:52 ` Paul Eggert
@ 2016-04-11 16:02   ` Florian Weimer
  2016-04-14 12:23   ` Florian Weimer
  1 sibling, 0 replies; 7+ messages in thread
From: Florian Weimer @ 2016-04-11 16:02 UTC (permalink / raw)
  To: Paul Eggert; +Cc: GNU C Library

On 04/11/2016 05:52 PM, Paul Eggert wrote:
> On 04/11/2016 08:18 AM, Florian Weimer wrote:
>> +      /* Deallocate any previously allocated buffer because it is
>> +         too small.  */
>> +      if (workstart != NULL)
>> +        {
>> +          free (workstart);
>> +          workstart = NULL;
>> +        }
>
> Other places in that function use this code instead:
>
>      if (__glibc_unlikely (workstart != NULL))
>        free (workstart);
>      workstart = NULL;
>
> Is there some reason to do things differently here?

I can add the __glibc_unlikely, it's one of the few cases where it is 
unlikely to hurt.  (The branch is only taken if the memory leak is about 
to happen, so I assume it's quite rare indeed, but I don't know for sure.)

Regarding the braces, both variants already exist in this file.  I don't 
have a firm preference.  I find the one with the braces more logical.

Florian


* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931]
  2016-04-11 15:52 ` Paul Eggert
  2016-04-11 16:02   ` Florian Weimer
@ 2016-04-14 12:23   ` Florian Weimer
  2016-04-14 16:17     ` Paul Eggert
  1 sibling, 1 reply; 7+ messages in thread
From: Florian Weimer @ 2016-04-14 12:23 UTC (permalink / raw)
  To: eggert; +Cc: libc-alpha

[-- Attachment #1: Type: text/plain, Size: 565 bytes --]

On 04/11/2016 05:52 PM, Paul Eggert wrote:
> On 04/11/2016 08:18 AM, Florian Weimer wrote:
>> +      /* Deallocate any previously allocated buffer because it is
>> +         too small.  */
>> +      if (workstart != NULL)
>> +        {
>> +          free (workstart);
>> +          workstart = NULL;
>> +        }
>
> Other places in that function use this code instead:
>
>      if (__glibc_unlikely (workstart != NULL))
>        free (workstart);
>      workstart = NULL;
>
> Is there some reason to do things differently here?

Here's an updated patch.

Florian

[-- Attachment #2: 0001-vfprintf-Fix-memory-with-large-width-and-precision-B.patch --]
[-- Type: text/x-patch, Size: 4848 bytes --]

2016-04-14  Florian Weimer  <fweimer@redhat.com>

	[BZ #19931]
	* stdio-common/tst-vfprintf-width-prec.c: New file.
	* stdio-common/Makefile (tests): Add tst-vfprintf-width-prec.
	(tests-special): Add tst-vfprintf-width-prec-mem.out.
	(generated): Add mtrace-related files.
	(tst-vfprintf-width-prec-ENV): Set MALLOC_TRACE.
	(tst-%-mem.out): New pattern rule, replaces
	tst-printf-bz18872-mem.out.
	* stdio-common/vfprintf.c (vfprintf): When handling a precision
	specifier, deallocate any previously allocated work buffer.

diff --git a/stdio-common/Makefile b/stdio-common/Makefile
index cc79d34..6c597c1 100644
--- a/stdio-common/Makefile
+++ b/stdio-common/Makefile
@@ -58,16 +58,18 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \
 	 scanf16 scanf17 tst-setvbuf1 tst-grouping bug23 bug24 \
 	 bug-vfprintf-nargs tst-long-dbl-fphex tst-fphex-wide tst-sprintf3 \
 	 bug25 tst-printf-round bug23-2 bug23-3 bug23-4 bug26 tst-fmemopen3 \
-	 tst-printf-bz18872
+	 tst-printf-bz18872 tst-vfprintf-width-prec
 
 test-srcs = tst-unbputc tst-printf
 
 ifeq ($(run-built-tests),yes)
 tests-special += $(objpfx)tst-unbputc.out $(objpfx)tst-printf.out \
 		 $(objpfx)tst-printf-bz18872-mem.out \
-		 $(objpfx)tst-setvbuf1-cmp.out
+		 $(objpfx)tst-setvbuf1-cmp.out \
+		 $(objpfx)tst-vfprintf-width-prec-mem.out
 generated += tst-printf-bz18872.c tst-printf-bz18872.mtrace \
-	     tst-printf-bz18872-mem.out
+	     tst-printf-bz18872-mem.out \
+	     tst-vfprintf-width-prec.mtrace tst-vfprintf-width-prec-mem.out
 endif
 
 include ../Rules
@@ -86,6 +88,8 @@ $(objpfx)tst-swprintf.out: $(gen-locales)
 endif
 
 tst-printf-bz18872-ENV = MALLOC_TRACE=$(objpfx)tst-printf-bz18872.mtrace
+tst-vfprintf-width-prec-ENV = \
+  MALLOC_TRACE=$(objpfx)tst-vfprintf-width-prec.mtrace
 
 $(objpfx)tst-unbputc.out: tst-unbputc.sh $(objpfx)tst-unbputc
 	$(SHELL) $< $(common-objpfx) '$(test-program-prefix)'; \
@@ -100,8 +104,8 @@ $(objpfx)tst-printf.out: tst-printf.sh $(objpfx)tst-printf
 $(objpfx)tst-printf-bz18872.c: tst-printf-bz18872.sh
 	rm -f $@ && $(BASH) $^ > $@.new && mv $@.new $@
 
-$(objpfx)tst-printf-bz18872-mem.out: $(objpfx)tst-printf-bz18872.out
-	$(common-objpfx)malloc/mtrace $(objpfx)tst-printf-bz18872.mtrace > $@; \
+$(objpfx)tst-%-mem.out: $(objpfx)tst-%.out
+	$(common-objpfx)malloc/mtrace $(objpfx)tst-$*.mtrace > $@; \
 	$(evaluate-test)
 
 CFLAGS-vfprintf.c = -Wno-uninitialized
diff --git a/stdio-common/tst-vfprintf-width-prec.c b/stdio-common/tst-vfprintf-width-prec.c
new file mode 100644
index 0000000..c2455e0
--- /dev/null
+++ b/stdio-common/tst-vfprintf-width-prec.c
@@ -0,0 +1,58 @@
+/* Test for memory leak with large width and precision.
+   Copyright (C) 1991-2016 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+#include <mcheck.h>
+#include <stdio.h>
+#include <wchar.h>
+
+static int
+do_test (void)
+{
+  mtrace ();
+  int ret;
+  {
+    char *result;
+    ret = asprintf (&result, "%133000.133001x", 17);
+    if (ret < 0)
+      {
+        printf ("error: asprintf: %m\n");
+        return 1;
+      }
+    free (result);
+  }
+  {
+    wchar_t *result = calloc (ret + 1, sizeof (wchar_t));
+    if (result == NULL)
+      {
+        printf ("error: calloc (%d, %zu): %m", ret + 1, sizeof (wchar_t));
+        return 1;
+      }
+
+    ret = swprintf (result, ret + 1, L"%133000.133001x", 17);
+    if (ret < 0)
+      {
+        printf ("error: swprintf: %d (%m)\n", ret);
+        return 1;
+      }
+    free (result);
+  }
+  return 0;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c
index 6829d4d..4a2aab1 100644
--- a/stdio-common/vfprintf.c
+++ b/stdio-common/vfprintf.c
@@ -1564,6 +1564,10 @@ vfprintf (FILE *s, const CHAR_T *format, va_list ap)
 	prec = 0;
       if (prec > width && prec > WORK_BUFFER_SIZE - 32)
 	{
+	  /* Deallocate any previously allocated buffer because it is
+	     too small.  */
+	  if (__glibc_unlikely (workstart != NULL))
+	    free (workstart);
 	  if (__glibc_unlikely (prec >= INT_MAX / sizeof (CHAR_T) - 32))
 	    {
 	      __set_errno (EOVERFLOW);


* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931]
  2016-04-14 12:23   ` Florian Weimer
@ 2016-04-14 16:17     ` Paul Eggert
  2016-04-15 12:02       ` Florian Weimer
  0 siblings, 1 reply; 7+ messages in thread
From: Paul Eggert @ 2016-04-14 16:17 UTC (permalink / raw)
  To: Florian Weimer; +Cc: libc-alpha

On 04/14/2016 05:22 AM, Florian Weimer wrote:
> +	  /* Deallocate any previously allocated buffer because it is
> +	     too small.  */
> +	  if (__glibc_unlikely (workstart != NULL))
> +	    free (workstart);
>   	  if (__glibc_unlikely (prec >= INT_MAX / sizeof (CHAR_T) - 32))

Why don't we need a 'workstart = NULL' after freeing workstart, which is 
the pattern used elsewhere? If it's not needed here, it'd be helpful to 
have a comment saying why not.


* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931]
  2016-04-14 16:17     ` Paul Eggert
@ 2016-04-15 12:02       ` Florian Weimer
  2016-04-15 19:38         ` Paul Eggert
  0 siblings, 1 reply; 7+ messages in thread
From: Florian Weimer @ 2016-04-15 12:02 UTC (permalink / raw)
  To: Paul Eggert; +Cc: libc-alpha

[-- Attachment #1: Type: text/plain, Size: 628 bytes --]

On 04/14/2016 06:17 PM, Paul Eggert wrote:
> On 04/14/2016 05:22 AM, Florian Weimer wrote:
>> +      /* Deallocate any previously allocated buffer because it is
>> +         too small.  */
>> +      if (__glibc_unlikely (workstart != NULL))
>> +        free (workstart);
>>         if (__glibc_unlikely (prec >= INT_MAX / sizeof (CHAR_T) - 32))
>
> Why don't we need a 'workstart = NULL' after freeing workstart, which is
> the pattern used elsewhere? If it's not needed here, it'd be helpful to
> have a comment saying why not.

Ugh, right.  I swear it was there at some point.  I've enhanced the test 
to catch this.

Florian

[-- Attachment #2: 0001-vfprintf-Fix-memory-with-large-width-and-precision-B.patch --]
[-- Type: text/x-patch, Size: 6051 bytes --]

2016-04-15  Florian Weimer  <fweimer@redhat.com>

	[BZ #19931]
	* stdio-common/tst-vfprintf-width-prec.c: New file.
	* stdio-common/Makefile (tests): Add tst-vfprintf-width-prec.
	(tests-special): Add tst-vfprintf-width-prec-mem.out.
	(generated): Add mtrace-related files.
	(tst-vfprintf-width-prec-ENV): Set MALLOC_TRACE.
	(tst-%-mem.out): New pattern rule, replaces
	tst-printf-bz18872-mem.out.
	* stdio-common/vfprintf.c (vfprintf): When handling a precision
	specifier, deallocate any previously allocated work buffer.

diff --git a/stdio-common/Makefile b/stdio-common/Makefile
index cc79d34..6c597c1 100644
--- a/stdio-common/Makefile
+++ b/stdio-common/Makefile
@@ -58,16 +58,18 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \
 	 scanf16 scanf17 tst-setvbuf1 tst-grouping bug23 bug24 \
 	 bug-vfprintf-nargs tst-long-dbl-fphex tst-fphex-wide tst-sprintf3 \
 	 bug25 tst-printf-round bug23-2 bug23-3 bug23-4 bug26 tst-fmemopen3 \
-	 tst-printf-bz18872
+	 tst-printf-bz18872 tst-vfprintf-width-prec
 
 test-srcs = tst-unbputc tst-printf
 
 ifeq ($(run-built-tests),yes)
 tests-special += $(objpfx)tst-unbputc.out $(objpfx)tst-printf.out \
 		 $(objpfx)tst-printf-bz18872-mem.out \
-		 $(objpfx)tst-setvbuf1-cmp.out
+		 $(objpfx)tst-setvbuf1-cmp.out \
+		 $(objpfx)tst-vfprintf-width-prec-mem.out
 generated += tst-printf-bz18872.c tst-printf-bz18872.mtrace \
-	     tst-printf-bz18872-mem.out
+	     tst-printf-bz18872-mem.out \
+	     tst-vfprintf-width-prec.mtrace tst-vfprintf-width-prec-mem.out
 endif
 
 include ../Rules
@@ -86,6 +88,8 @@ $(objpfx)tst-swprintf.out: $(gen-locales)
 endif
 
 tst-printf-bz18872-ENV = MALLOC_TRACE=$(objpfx)tst-printf-bz18872.mtrace
+tst-vfprintf-width-prec-ENV = \
+  MALLOC_TRACE=$(objpfx)tst-vfprintf-width-prec.mtrace
 
 $(objpfx)tst-unbputc.out: tst-unbputc.sh $(objpfx)tst-unbputc
 	$(SHELL) $< $(common-objpfx) '$(test-program-prefix)'; \
@@ -100,8 +104,8 @@ $(objpfx)tst-printf.out: tst-printf.sh $(objpfx)tst-printf
 $(objpfx)tst-printf-bz18872.c: tst-printf-bz18872.sh
 	rm -f $@ && $(BASH) $^ > $@.new && mv $@.new $@
 
-$(objpfx)tst-printf-bz18872-mem.out: $(objpfx)tst-printf-bz18872.out
-	$(common-objpfx)malloc/mtrace $(objpfx)tst-printf-bz18872.mtrace > $@; \
+$(objpfx)tst-%-mem.out: $(objpfx)tst-%.out
+	$(common-objpfx)malloc/mtrace $(objpfx)tst-$*.mtrace > $@; \
 	$(evaluate-test)
 
 CFLAGS-vfprintf.c = -Wno-uninitialized
diff --git a/stdio-common/tst-vfprintf-width-prec.c b/stdio-common/tst-vfprintf-width-prec.c
new file mode 100644
index 0000000..2892741
--- /dev/null
+++ b/stdio-common/tst-vfprintf-width-prec.c
@@ -0,0 +1,107 @@
+/* Test for memory leak with large width and precision.
+   Copyright (C) 1991-2016 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+#include <mcheck.h>
+#include <stdio.h>
+#include <sys/resource.h>
+#include <wchar.h>
+
+static int
+do_test (void)
+{
+  mtrace ();
+
+  int ret;
+  {
+    char *result;
+    ret = asprintf (&result, "%133000.133001x", 17);
+    if (ret < 0)
+      {
+        printf ("error: asprintf: %m\n");
+        return 1;
+      }
+    free (result);
+  }
+  {
+    wchar_t *result = calloc (ret + 1, sizeof (wchar_t));
+    if (result == NULL)
+      {
+        printf ("error: calloc (%d, %zu): %m", ret + 1, sizeof (wchar_t));
+        return 1;
+      }
+
+    ret = swprintf (result, ret + 1, L"%133000.133001x", 17);
+    if (ret < 0)
+      {
+        printf ("error: swprintf: %d (%m)\n", ret);
+        return 1;
+      }
+    free (result);
+  }
+
+  /* Limit the size of the process, so that the second allocation will
+     fail.  */
+  {
+    struct rlimit limit;
+    if (getrlimit (RLIMIT_AS, &limit) != 0)
+      {
+        printf ("getrlimit (RLIMIT_AS) failed: %m\n");
+        return 1;
+      }
+    long target = 200 * 1024 * 1024;
+    if (limit.rlim_cur == RLIM_INFINITY || limit.rlim_cur > target)
+      {
+        limit.rlim_cur = target;
+        if (setrlimit (RLIMIT_AS, &limit) != 0)
+          {
+            printf ("setrlimit (RLIMIT_AS) failed: %m\n");
+            return 1;
+          }
+      }
+  }
+
+  {
+    char *result;
+    ret = asprintf (&result, "%133000.999999999x", 17);
+    if (ret >= 0)
+      {
+        printf ("error: asprintf: incorrect result %d\n", ret);
+        return 1;
+      }
+  }
+  {
+    wchar_t result[100];
+    if (result == NULL)
+      {
+        printf ("error: calloc (%d, %zu): %m", ret + 1, sizeof (wchar_t));
+        return 1;
+      }
+
+    ret = swprintf (result, 100, L"%133000.999999999x", 17);
+    if (ret >= 0)
+      {
+        printf ("error: swprintf: incorrect result %d\n", ret);
+        return 1;
+      }
+  }
+
+  return 0;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
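Review bot: `wchar_t result[100]; if (result == NULL)` in the second wide-string case can never be true because `result` is an array, and the diagnostic inside it still reports a `calloc (%d, %zu)` failure with the `ret + 1` size copied from the earlier block, so those five lines are dead code with a misleading message and should be dropped, leaving only the array declaration and the `swprintf` call. As in the first half of the file, `calloc`/`free` are used without an explicit `#include <stdlib.h>`. The comment `Limit the size of the process, so that the second allocation will fail` is accurate for the narrow `asprintf` case, but with 4-byte `wchar_t` a precision of 999999999 exceeds `INT_MAX / sizeof (CHAR_T) - 32`, so the wide call presumably fails in the EOVERFLOW check before any allocation is attempted; it is worth saying so in the comment, since that is exactly the path on which the missing `workstart = NULL` of the previous revision would have been a double free.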
diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c
index 6829d4d..f24020a 100644
--- a/stdio-common/vfprintf.c
+++ b/stdio-common/vfprintf.c
@@ -1564,6 +1564,11 @@ vfprintf (FILE *s, const CHAR_T *format, va_list ap)
 	prec = 0;
       if (prec > width && prec > WORK_BUFFER_SIZE - 32)
 	{
+	  /* Deallocate any previously allocated buffer because it is
+	     too small.  */
+	  if (__glibc_unlikely (workstart != NULL))
+	    free (workstart);
+	  workstart = NULL;
 	  if (__glibc_unlikely (prec >= INT_MAX / sizeof (CHAR_T) - 32))
 	    {
 	      __set_errno (EOVERFLOW);
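Review bot: The comment says the buffer is freed `because it is too small` but does not say how that is known: the only visible evidence is the guard `prec > width`, and that the earlier allocation was sized for `width` is outside the hunk. I'd make the invariant explicit and tie the reset to the error exit that follows: `/* Any buffer allocated earlier was sized for the width; prec > width means it cannot hold the precision-padded conversion, so release it.  Reset to NULL before the overflow check, whose error exit frees workstart.  */`. Whether the EOVERFLOW exit frees `workstart` is inferred from the reviewers' exchange about the free/NULL idiom used elsewhere in the function rather than from lines visible here, so confirm it before adopting the wording.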


* Re: [PATCH] vfprintf: Fix memory with large width and precision [BZ #19931]
  2016-04-15 12:02       ` Florian Weimer
@ 2016-04-15 19:38         ` Paul Eggert
  0 siblings, 0 replies; 7+ messages in thread
From: Paul Eggert @ 2016-04-15 19:38 UTC (permalink / raw)
  To: Florian Weimer; +Cc: libc-alpha

On 04/15/2016 05:01 AM, Florian Weimer wrote:
> Ugh, right.  I swear it was there at some point.  I've enhanced the 
> test to catch this.

Thanks, this looks good to me.

