From: Corinna Vinschen <vinschen@redhat.com>
To: newlib@sourceware.org
Subject: Re: [PATCH v5] newlib: libc: Fix crash on fprintf to a wide-oriented stream.
Date: Thu, 9 Nov 2023 13:49:41 +0100 [thread overview]
Message-ID: <ZUzVZTd6SuD5W+7R@calimero.vinschen.de> (raw)
In-Reply-To: <20231109192624.8fd1d42b4123b444b095f81f@nifty.ne.jp>
On Nov 9 19:26, Takashi Yano wrote:
> On Thu, 9 Nov 2023 11:08:03 +0100
> Corinna Vinschen wrote:
> > On Nov 9 06:48, Takashi Yano wrote:
> > > Previously, fprintf() on a wide-oriented stream crashes or outputs
> > > garbage. This is because a narrow char string which can be odd bytes
> > > in length is cast into a wide char string which should be even
> > > bytes in length in __sprint_r/__sfputs_r based on the __SWID flag.
> > > As a result, if the length is odd bytes, the reading buffer runs over
> > > the buffer length, which causes a crash. If the length is even bytes,
> > > garbage is printed.
> > >
> > > With this patch, any output to the stream which is set to different
> > > orientation fails with error just like glibc. Note that it behaves
> > > differently from other libc implementations such as BSD, musl and
> > > Solaris.
> > >
> > > Reviewed-by: Corinna Vinschen <corinna@vinschen.de>
> > > Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
> > > ---
> > > newlib/libc/stdio/fgetwc.c | 6 ++++--
> > > newlib/libc/stdio/fgetwc_u.c | 3 ++-
> > > newlib/libc/stdio/fgetws.c | 3 ++-
> > > newlib/libc/stdio/fputs.c | 9 ++++++---
> > > newlib/libc/stdio/fputwc.c | 6 ++++--
> > > newlib/libc/stdio/fputwc_u.c | 3 ++-
> > > newlib/libc/stdio/fputws.c | 6 ++++--
> > > newlib/libc/stdio/fread.c | 7 ++++++-
> > > newlib/libc/stdio/fwrite.c | 9 +++++++--
> > > newlib/libc/stdio/local.h | 31 +++++++++++++++++--------------
> > > newlib/libc/stdio/putc.c | 4 ++++
> > > newlib/libc/stdio/puts.c | 9 ++++++---
> > > newlib/libc/stdio/refill.c | 3 ++-
> > > newlib/libc/stdio/ungetc.c | 6 +++++-
> > > newlib/libc/stdio/ungetwc.c | 5 +++--
> > > newlib/libc/stdio/vfprintf.c | 5 ++++-
> > > newlib/libc/stdio/vfscanf.c | 6 +++++-
> > > newlib/libc/stdio/vfwprintf.c | 5 ++++-
> > > newlib/libc/stdio/vfwscanf.c | 6 +++++-
> > > 19 files changed, 92 insertions(+), 40 deletions(-)
> >
> > Looks good, please push.
>
> Thanks. Should this also be applied to cygwin-3_4-branch?
Tricky question. It's a bugfix, yeah, but a bugfix for an undefined
situation. And it's also a behavioral change. So, from my POV we
shouldn't backport it.
But if you have another POV, we can discuss it. It occured to me that
you didn't mention where the testcase is coming from. Was that a
real-world problem? If so, where and in which circumstances?
Corinna
next prev parent reply other threads:[~2023-11-09 12:49 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-08 21:48 Takashi Yano
2023-11-09 10:08 ` Corinna Vinschen
2023-11-09 10:26 ` Takashi Yano
2023-11-09 12:49 ` Corinna Vinschen [this message]
2023-11-09 15:36 ` Takashi Yano
2023-11-10 10:18 ` Christophe Lyon
2023-11-10 11:34 ` Takashi Yano
2023-11-10 13:33 ` Christophe Lyon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZUzVZTd6SuD5W+7R@calimero.vinschen.de \
--to=vinschen@redhat.com \
--cc=newlib@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).