aboutsummaryrefslogtreecommitdiff
path: root/libio
diff options
context:
space:
mode:
Diffstat (limited to 'libio')
-rw-r--r--libio/Makefile2
-rw-r--r--libio/fileops.c41
-rw-r--r--libio/tst-mmap-offend.c86
3 files changed, 116 insertions, 13 deletions
diff --git a/libio/Makefile b/libio/Makefile
index 28d8519..58d6575 100644
--- a/libio/Makefile
+++ b/libio/Makefile
@@ -53,7 +53,7 @@ tests = tst_swprintf tst_wprintf tst_swscanf tst_wscanf tst_getwc tst_putwc \
tst-mmap-setvbuf bug-ungetwc1 bug-ungetwc2 tst-atime tst-eof \
tst-freopen bug-rewind bug-ungetc bug-fseek \
tst-mmap-eofsync tst-mmap-fflushsync bug-mmap-fflush \
- tst-mmap2-eofsync
+ tst-mmap2-eofsync tst-mmap-offend
test-srcs = test-freopen
all: # Make this the default target; it will be defined in Rules.
diff --git a/libio/fileops.c b/libio/fileops.c
index 247243f..24235e9 100644
--- a/libio/fileops.c
+++ b/libio/fileops.c
@@ -665,22 +665,30 @@ mmap_remap_check (_IO_FILE *fp)
# undef ROUNDED
fp->_offset -= fp->_IO_read_end - fp->_IO_read_ptr;
- _IO_setg (fp, fp->_IO_buf_base, fp->_IO_buf_base + fp->_offset,
+ _IO_setg (fp, fp->_IO_buf_base,
+ fp->_offset < fp->_IO_buf_end - fp->_IO_buf_base
+ ? fp->_IO_buf_base + fp->_offset : fp->_IO_buf_end,
fp->_IO_buf_end);
- if (
+ /* If we are already positioned at or past the end of the file, don't
+ change the current offset. If not, seek past what we have mapped,
+ mimicking the position left by a normal underflow reading into its
+ buffer until EOF. */
+
+ if (fp->_offset < fp->_IO_buf_end - fp->_IO_buf_base)
+ {
+ if (
# ifdef _G_LSEEK64
- _G_LSEEK64
+ _G_LSEEK64
# else
- __lseek
+ __lseek
# endif
- (fp->_fileno, fp->_IO_buf_end - fp->_IO_buf_base, SEEK_SET)
- != fp->_IO_buf_end - fp->_IO_buf_base)
- {
- fp->_flags |= _IO_ERR_SEEN;
- return EOF;
+ (fp->_fileno, fp->_IO_buf_end - fp->_IO_buf_base, SEEK_SET)
+ != fp->_IO_buf_end - fp->_IO_buf_base)
+ fp->_flags |= _IO_ERR_SEEN;
+ else
+ fp->_offset = fp->_IO_buf_end - fp->_IO_buf_base;
}
- fp->_offset = fp->_IO_buf_end - fp->_IO_buf_base;
return 0;
}
@@ -1152,8 +1160,17 @@ _IO_file_seekoff_mmap (fp, offset, dir, mode)
if (result < 0)
return EOF;
- _IO_setg (fp, fp->_IO_buf_base, fp->_IO_buf_base + offset,
- fp->_IO_buf_base + offset);
+ if (offset > fp->_IO_buf_end - fp->_IO_buf_base)
+ /* One can fseek arbitrarily past the end of the file
+ and it is meaningless until one attempts to read.
+ Leave the buffer pointers in EOF state until underflow. */
+ _IO_setg (fp, fp->_IO_buf_base, fp->_IO_buf_end, fp->_IO_buf_end);
+ else
+ /* Adjust the read pointers to match the file position,
+ but so the next read attempt will call underflow. */
+ _IO_setg (fp, fp->_IO_buf_base, fp->_IO_buf_base + offset,
+ fp->_IO_buf_base + offset);
+
fp->_offset = result;
_IO_mask_flags (fp, 0, _IO_EOF_SEEN);
diff --git a/libio/tst-mmap-offend.c b/libio/tst-mmap-offend.c
new file mode 100644
index 0000000..2025f1d
--- /dev/null
+++ b/libio/tst-mmap-offend.c
@@ -0,0 +1,86 @@
+/* Test case for bug with mmap stdio read past end of file. */
+
+#include <stdio.h>
+#include <error.h>
+#include <errno.h>
+
+static void do_prepare (void);
+#define PREPARE(argc, argv) do_prepare ()
+static int do_test (void);
+#define TEST_FUNCTION do_test ()
+#include <test-skeleton.c>
+
+static char *temp_file;
+
+static const char text1[] = "hello\n";
+
+static void
+do_prepare (void)
+{
+ int temp_fd = create_temp_file ("tst-mmap-offend.", &temp_file);
+ if (temp_fd == -1)
+ error (1, errno, "cannot create temporary file");
+ else
+ {
+ ssize_t cc = write (temp_fd, text1, sizeof text1 - 1);
+ if (cc != sizeof text1 - 1)
+ error (1, errno, "cannot write to temporary file");
+ }
+ close (temp_fd);
+}
+
+static int
+do_test (void)
+{
+ unsigned char buffer[8192];
+ int result = 0;
+ FILE *f = fopen (temp_file, "r");
+ size_t cc;
+
+ if (f == NULL)
+ {
+ perror (temp_file);
+ return 1;
+ }
+
+ cc = fread (buffer, 1, sizeof (buffer), f);
+ printf ("fread %zu: \"%.*s\"\n", cc, (int) cc, buffer);
+ if (cc != sizeof text1 - 1)
+ {
+ perror ("fread");
+ result = 1;
+ }
+
+ if (fseek (f, 2048, SEEK_SET) != 0)
+ {
+ perror ("fseek off end");
+ result = 1;
+ }
+
+ if (fread (buffer, 1, sizeof (buffer), f) != 0
+ || ferror (f) || !feof (f))
+ {
+ printf ("after fread error %d eof %d\n",
+ ferror (f), feof (f));
+ result = 1;
+ }
+
+ printf ("ftell %ld\n", ftell (f));
+
+ if (fseek (f, 0, SEEK_SET) != 0)
+ {
+ perror ("fseek rewind");
+ result = 1;
+ }
+
+ cc = fread (buffer, 1, sizeof (buffer), f);
+ printf ("fread after rewind %zu: \"%.*s\"\n", cc, (int) cc, buffer);
+ if (cc != sizeof text1 - 1)
+ {
+ perror ("fread after rewind");
+ result = 1;
+ }
+
+ fclose (f);
+ return result;
+}