This is the mail archive of the newlib@sourceware.org mailing list for the newlib project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[PATCH] vfwprintf.c


Hi,

This patch fixes a problem in the newlib vfwprintf implementation.

For each conversion specifier in the format string that is [feEgG], the
current vfwprintf implementation provides only a 40-length wide-char
buffer for conversion. This causes code like the following to misbehave.

  wchar_t largebuf[512];
  double val = 1.7976931348623158e+308;
  swprintf(largebuf, 512, L"%.*f", 3, val);

Only the first 40 characters can be correctly converted due to the
limited length of the buffer. This will cause junk in the rest of the
converted wide-char sequence, and can potentially corrupt the memory
immediately after 'largebuf'.

The example code is a repro of the libstdc++-v3 test
./libstdc++-v3/testsuite/27_io/basic_ostream/inserters_arithmetic/wchar_t/44
02.cc
which currently fails when newlib is used as the C library.

The patch was prepared with the consideration of minimum code change.
It is probably not worth a bigger surgery in the code since the 
conversion of extremely long wide char sequence is fairly rare.

The 2nd attached patch adds a test to the testsuite.

Thanks,
Yufeng


newlib/ChangeLog
2011-06-09  Yufeng Zhang  <yufeng.zhang@arm.com>

        * libc/stdio/vfwprintf.c (wcvt): Add new parameter 'len' of type
        int.  Replace BUF with len.
        (VFWPRINTF): Add extra call to wcvt with a malloced new buffer,
        when the fixed-length buffer 'buf' is not large enough.

Attachment: patch-vfwprintf.txt
Description: Text document

Attachment: patch-test.txt
Description: Text document


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]