qiurui
/
glibc
mirror of git://sourceware.org/git/glibc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
glibc/debug
History
Florian Weimer 0d50f477f4 stdio-common: Handle -1 buffer size in __sprintf_chk & co (bug 30039) 
This shows up as an assertion failure when sprintf is called with
a specifier like "%.8g" and libquadmath is linked in:

Fatal glibc error: printf_buffer_as_file.c:31
  (__printf_buffer_as_file_commit): assertion failed:
  file->stream._IO_write_ptr <= file->next->write_end

Fix this by detecting pointer wraparound in __vsprintf_internal
and saturate the addition to the end of the address space instead.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
 		2023-01-25 08:01:00 +01:00
..
Depend
Makefile stdio-common: Handle -1 buffer size in __sprintf_chk & co (bug 30039) 2023-01-25 08:01:00 +01:00
Versions
asprintf_chk.c
backtrace-tst.c
backtrace.c
backtracesyms.c
backtracesymsfd.c
chk_fail.c
confstr_chk.c
dprintf_chk.c
execinfo.h
explicit_bzero_chk.c
fdelt_chk.c
fgets_chk.c
fgets_u_chk.c
fgetws_chk.c
fgetws_u_chk.c
fortify_fail.c
fprintf_chk.c
fread_chk.c
fread_u_chk.c
fwprintf_chk.c
getcwd_chk.c
getdomainname_chk.c
getgroups_chk.c
gethostname_chk.c
gets_chk.c
getwd_chk.c
longjmp_chk.c
mbsnrtowcs_chk.c
mbsrtowcs_chk.c
mbstowcs_chk.c
memcpy_chk.c
memmove_chk.c
mempcpy_chk.c
memset_chk.c
noophooks.c
obprintf_chk.c
pcprofile.c
pcprofiledump.c Update copyright dates not handled by scripts/update-copyrights 2023-01-06 21:45:36 +00:00
poll_chk.c
ppoll_chk.c
pread64_chk.c
pread_chk.c
printf_chk.c
read_chk.c
readlink_chk.c
readlinkat_chk.c
readonly-area.c
realpath_chk.c
recv_chk.c
recvfrom_chk.c
snprintf_chk.c
sprintf_chk.c
stack_chk_fail.c
stack_chk_fail_local.c
stpcpy_chk.c
stpncpy_chk.c
strcat_chk.c
strcpy_chk.c
strncat_chk.c
strncpy_chk.c
swprintf_chk.c
test-stpcpy_chk.c
test-strcpy_chk.c
tst-backtrace.h
tst-backtrace2.c
tst-backtrace3.c
tst-backtrace4.c
tst-backtrace5.c
tst-backtrace6.c
tst-chk-cancel.c
tst-fortify.c
tst-longjmp_chk.c
tst-longjmp_chk2.c
tst-longjmp_chk3.c
tst-realpath-chk.c
tst-sprintf-fortify-unchecked.c stdio-common: Handle -1 buffer size in __sprintf_chk & co (bug 30039) 2023-01-25 08:01:00 +01:00
tst-ssp-1.c
ttyname_r_chk.c
vasprintf_chk.c
vdprintf_chk.c
vfprintf_chk.c
vfwprintf_chk.c
vobprintf_chk.c
vprintf_chk.c
vsnprintf_chk.c
vsprintf_chk.c
vswprintf_chk.c
vwprintf_chk.c
wcpcpy_chk.c
wcpncpy_chk.c
wcrtomb_chk.c
wcscat_chk.c
wcscpy_chk.c
wcsncat_chk.c
wcsncpy_chk.c
wcsnrtombs_chk.c
wcsrtombs_chk.c
wcstombs_chk.c
wctomb_chk.c
wmemcpy_chk.c
wmemmove_chk.c
wmempcpy_chk.c
wmemset_chk.c
wprintf_chk.c
xtrace.sh Update copyright dates not handled by scripts/update-copyrights 2023-01-06 21:45:36 +00:00