I'll look at it. -- Jeff J. On Tue, Oct 3, 2023 at 4:30 AM Takashi Yano wrote: > Ping? > > Is this Corinna's domain? > > On Tue, 26 Sep 2023 17:30:13 +0900 > Takashi Yano wrote: > > On Tue, 26 Sep 2023 12:41:47 +0900 > > Takashi Yano wrote: > > > Hi, > > > > > > I noticed that the following test case crashes at printf() with current > > > newlib. > > > > > > > > > #include > > > #include > > > #include > > > > > > int main() > > > { > > > setlocale(LC_ALL, "C.UTF-8"); > > > wprintf(L"%ls\n", L"aaaa"); /* or fwide(stdout, 1); */ > > > printf("%ls\n", L"bbbb"); /* <--- crash here */ > > > return 0; > > > } > > > > > > > > > I looked into this problem and found the cause. > > > > > > A narrow char string which can be odd bytes in length is cast into > > > a wide char string which should be even bytes in length in __sprint_r/ > > > __sfputs_r based on the __SWID flag. As a result, if the length is > > > odd bytes, the reading buffer runs over the buffer length, which causes > > > a crash. If the length is even bytes, crash does not happen, but > garbage > > > is printed. This hapens if printf("%ls\r\n", L"bbbb"); is used instead. > > > ^^ > > > > > > The same issue seemed to be reported ten years ago. > > > https://sourceware.org/pipermail/newlib/2013/010831.html > > > > > > I have built a patch attached for this issue. > > > > > > With this patch, __sfputs_r/__sprint_r is split into two versions, one > > > is for vfprintf which does not handle wide string, and the other (newly > > > introduced __sfputws_r/__swprin_r) is for vfwprintf which handles wide > > > string. Please note that fprintf gets working for wide orient stream > > > just like BSD libc, which behaves differently from GNU libc. > > > > > > This patch also fixes nano-vfprintf.c as well as vfprintf.c/vfwprintf.c > > > in the same manner. > > > > v2: Remove __sprint_r from nano-vfprintf.c which does not seem to be used > > anymore. > > > > -- > > Takashi Yano > > > -- > Takashi Yano > >