This is the mail archive of the newlib@sourceware.org mailing list for the newlib project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

vasprintf bugs


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I noticed these while trying to implement vasnprintf.

2007-03-12  Eric Blake  <ebb9@byu.net>

	* libc/stdio/fvwrite.c (__sfvwrite_r): Fix reentrancy.
	* libc/stdio/vasprintf.c (vasprintf, _vasprintf_r): Pass failed
	allocation to caller.

- --
Don't work too hard, make some time for fun as well!

Eric Blake             ebb9@byu.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)
Comment: Public key at home.comcast.net/~ericblake/eblake.gpg
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF9U9m84KuGfSFAYARAquEAKDUX785MaHdyOwz47C7a05u7LInAQCgi+El
AqF9zxrORRJQI40HpDUrQIQ=
=//WO
-----END PGP SIGNATURE-----
Index: libc/stdio/fvwrite.c
===================================================================
RCS file: /cvs/src/src/newlib/libc/stdio/fvwrite.c,v
retrieving revision 1.9
diff -u -p -r1.9 fvwrite.c
--- libc/stdio/fvwrite.c	29 Nov 2006 21:36:54 -0000	1.9
+++ libc/stdio/fvwrite.c	12 Mar 2007 12:52:08 -0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1990, 2006 The Regents of the University of California.
+ * Copyright (c) 1990, 2006, 2007 The Regents of the University of California.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms are permitted
@@ -129,7 +129,7 @@ _DEFUN(__sfvwrite_r, (ptr, fp, uio),
 	    {
 	      if (len >= w && fp->_flags & __SMBF)
 		{ /* must be asprintf family */
-		  unsigned char *ptr;
+		  unsigned char *str;
 		  int curpos = (fp->_p - fp->_bf._base);
 		  /* Choose a geometric growth factor to avoid
 		     quadratic realloc behavior, but use a rate less
@@ -141,17 +141,16 @@ _DEFUN(__sfvwrite_r, (ptr, fp, uio),
 		  int newsize = fp->_bf._size * 3 / 2;
 		  if (newsize < curpos + len + 1)
 		    newsize = curpos + len + 1;
-		  ptr = (unsigned char *)_realloc_r (_REENT, 
-                                                     fp->_bf._base, 
-                                                     newsize);
-		  if (!ptr)
+		  str = (unsigned char *)_realloc_r (ptr, fp->_bf._base,
+						     newsize);
+		  if (!str)
 		    {
 		      /* Free buffer which is no longer used.  */
-		      _free_r (_REENT, fp->_bf._base);
+		      _free_r (ptr, fp->_bf._base);
 		      goto err;
 		    }
-		  fp->_bf._base = ptr;
-		  fp->_p = ptr + curpos;
+		  fp->_bf._base = str;
+		  fp->_p = str + curpos;
 		  fp->_bf._size = newsize;
 		  w = len;
 		  fp->_w = newsize - curpos;
Index: libc/stdio/vasprintf.c
===================================================================
RCS file: /cvs/src/src/newlib/libc/stdio/vasprintf.c,v
retrieving revision 1.4
diff -u -p -r1.4 vasprintf.c
--- libc/stdio/vasprintf.c	23 Apr 2004 20:01:55 -0000	1.4
+++ libc/stdio/vasprintf.c	12 Mar 2007 12:52:08 -0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1990 The Regents of the University of California.
+ * Copyright (c) 1990, 2007 The Regents of the University of California.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms are permitted
@@ -46,8 +46,11 @@ _DEFUN(vasprintf, (strp, fmt, ap),
   f._bf._size = f._w = 0;
   f._file = -1;  /* No file. */
   ret = _vfprintf_r (_REENT, &f, fmt, ap);
-  *f._p = 0;
-  *strp = f._bf._base;
+  if (ret >= 0)
+    {
+      *f._p = 0;
+      *strp = f._bf._base;
+    }
   return ret;
 }
 
@@ -68,8 +71,10 @@ _DEFUN(_vasprintf_r, (ptr, strp, fmt, ap
   f._bf._size = f._w = 0;
   f._file = -1;  /* No file. */
   ret = _vfprintf_r (ptr, &f, fmt, ap);
-  *f._p = 0;
-  *strp = f._bf._base;
+  if (ret >= 0)
+    {
+      *f._p = 0;
+      *strp = f._bf._base;
+    }
   return ret;
 }
-

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]