aboutsummaryrefslogtreecommitdiff
path: root/stdio-common
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>2007-12-10 01:43:40 +0000
committerUlrich Drepper <drepper@redhat.com>2007-12-10 01:43:40 +0000
commitb4354cf42008f12cac246759b64db0439a82ce67 (patch)
treec5f15a5aae3d23cbc4a603bf07532aa85959c404 /stdio-common
parent87520cccf6207f0a3525b5a5d5dc2ffd80b3d416 (diff)
downloadglibc-b4354cf42008f12cac246759b64db0439a82ce67.zip
glibc-b4354cf42008f12cac246759b64db0439a82ce67.tar.gz
glibc-b4354cf42008f12cac246759b64db0439a82ce67.tar.bz2
[BZ #5424, BZ #5428, BZ #5451]
2007-12-08 Ulrich Drepper <drepper@redhat.com> [BZ #5424] * stdio-common/vfprintf.c: Do not overflow when adding to done. * stdio-common/Makefile (tests): Add bug22. * stdio-common/bug22.c: New file. [BZ #5451] * time/getdate.c: Fix filling in default values. * time/bug-getdate1.c: New file. * time/Makefile: Add rules to build and run bug-getdate1. * iconvdata/ebcdic-is-friss.c: Use 8bit-gap instead of 8bit-generic. * iconvdata/ebcdic-es.c: Likewise. * iconvdata/ebcdic-es-a.c: Likewise. * iconvdata/ebcdic-uk.c: Likewise. * iconvdata/iso8859-16.c: Likewise. * iconvdata/viscii.c: Likewise. * iconvdata/iso8859-9e.c: Likewise. * iconvdata/Makefile: Adjust appropriately. [BZ #5428] * wcsmbs/wchar.h: Unconditionally undefine __need_mbstate and __need_wint_t. * iconvdata/gconv-modules: Likewise.
Diffstat (limited to 'stdio-common')
-rw-r--r--stdio-common/Makefile2
-rw-r--r--stdio-common/bug22.c32
-rw-r--r--stdio-common/vfprintf.c32
3 files changed, 56 insertions, 10 deletions
diff --git a/stdio-common/Makefile b/stdio-common/Makefile
index db622af..f9fc9da 100644
--- a/stdio-common/Makefile
+++ b/stdio-common/Makefile
@@ -57,7 +57,7 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \
tst-perror tst-sprintf tst-rndseek tst-fdopen tst-fphex bug14 bug15 \
tst-popen tst-unlockedio tst-fmemopen2 tst-put-error tst-fgets \
tst-fwrite bug16 bug17 tst-swscanf tst-sprintf2 bug18 bug18a \
- bug19 bug19a tst-popen2 scanf13 scanf14 scanf15 bug20 bug21
+ bug19 bug19a tst-popen2 scanf13 scanf14 scanf15 bug20 bug21 bug22
test-srcs = tst-unbputc tst-printf
diff --git a/stdio-common/bug22.c b/stdio-common/bug22.c
new file mode 100644
index 0000000..2228388
--- /dev/null
+++ b/stdio-common/bug22.c
@@ -0,0 +1,32 @@
+/* BZ #5424 */
+#include <stdio.h>
+
+#define N 2147483648
+
+#define STRINGIFY(S) #S
+#define MAKE_STR(S) STRINGIFY(S)
+
+#define SN MAKE_STR(N)
+
+static int
+do_test (void)
+{
+ int ret;
+
+ FILE *fp = fopen ("/dev/null", "w");
+ if (fp == NULL)
+ {
+ puts ("cannot open /dev/null");
+ return 1;
+ }
+
+ ret = fprintf (fp, "%" SN "d%" SN "d", 1, 1);
+
+ printf ("ret = %d\n", ret);
+
+ return ret != -1;
+}
+
+#define TIMEOUT 30
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c
index 434ad86..d10a5c6 100644
--- a/stdio-common/vfprintf.c
+++ b/stdio-common/vfprintf.c
@@ -64,6 +64,19 @@
} while (0)
#define UNBUFFERED_P(S) ((S)->_IO_file_flags & _IO_UNBUFFERED)
+#define done_add(val) \
+ do { \
+ unsigned int _val = val; \
+ assert ((unsigned int) done < (unsigned int) INT_MAX); \
+ if (__builtin_expect ((unsigned int) INT_MAX - (unsigned int) done \
+ < _val, 0)) \
+ { \
+ done = -1; \
+ goto all_done; \
+ } \
+ done += _val; \
+ } while (0)
+
#ifndef COMPILE_WPRINTF
# define vfprintf _IO_vfprintf_internal
# define CHAR_T char
@@ -76,7 +89,7 @@
# define PUT(F, S, N) _IO_sputn ((F), (S), (N))
# define PAD(Padchar) \
if (width > 0) \
- done += INTUSE(_IO_padn) (s, (Padchar), width)
+ done_add (INTUSE(_IO_padn) (s, (Padchar), width))
# define PUTC(C, F) _IO_putc_unlocked (C, F)
# define ORIENT if (_IO_vtable_offset (s) == 0 && _IO_fwide (s, -1) != -1)\
return -1
@@ -95,7 +108,7 @@
# define PUT(F, S, N) _IO_sputn ((F), (S), (N))
# define PAD(Padchar) \
if (width > 0) \
- done += _IO_wpadn (s, (Padchar), width)
+ done_add (_IO_wpadn (s, (Padchar), width))
# define PUTC(C, F) _IO_putwc_unlocked (C, F)
# define ORIENT if (_IO_fwide (s, 1) != 1) return -1
@@ -116,20 +129,21 @@
do \
{ \
register const INT_T outc = (Ch); \
- if (PUTC (outc, s) == EOF) \
+ if (PUTC (outc, s) == EOF || done == INT_MAX) \
{ \
done = -1; \
goto all_done; \
} \
- else \
- ++done; \
+ ++done; \
} \
while (0)
#define outstring(String, Len) \
do \
{ \
- if ((size_t) PUT (s, (String), (Len)) != (size_t) (Len)) \
+ assert ((size_t) done <= (size_t) INT_MAX); \
+ if ((size_t) PUT (s, (String), (Len)) != (size_t) (Len) \
+ || (size_t) INT_MAX - (size_t) done < (size_t) (Len)) \
{ \
done = -1; \
goto all_done; \
@@ -811,7 +825,7 @@ vfprintf (FILE *s, const CHAR_T *format, va_list ap)
goto all_done; \
} \
\
- done += function_done; \
+ done_add (function_done); \
} \
break; \
\
@@ -865,7 +879,7 @@ vfprintf (FILE *s, const CHAR_T *format, va_list ap)
goto all_done; \
} \
\
- done += function_done; \
+ done_add (function_done); \
} \
break; \
\
@@ -1893,7 +1907,7 @@ do_positional:
goto all_done;
}
- done += function_done;
+ done_add (function_done);
}
break;
}