diff options
author | Florian Weimer <fweimer@redhat.com> | 2023-01-25 08:01:00 +0100 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2023-01-25 08:01:00 +0100 |
commit | 0d50f477f47ba637b54fb03ac48d769ec4543e8d (patch) | |
tree | 598fbe050d8441a6152237d5442d2506ed846bf0 /debug/Makefile | |
parent | 0674613e6652a46063756f162bdef88622b3bdbd (diff) | |
download | glibc-0d50f477f47ba637b54fb03ac48d769ec4543e8d.zip glibc-0d50f477f47ba637b54fb03ac48d769ec4543e8d.tar.gz glibc-0d50f477f47ba637b54fb03ac48d769ec4543e8d.tar.bz2 |
stdio-common: Handle -1 buffer size in __sprintf_chk & co (bug 30039)
This shows up as an assertion failure when sprintf is called with
a specifier like "%.8g" and libquadmath is linked in:
Fatal glibc error: printf_buffer_as_file.c:31
(__printf_buffer_as_file_commit): assertion failed:
file->stream._IO_write_ptr <= file->next->write_end
Fix this by detecting pointer wraparound in __vsprintf_internal
and saturate the addition to the end of the address space instead.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
Diffstat (limited to 'debug/Makefile')
-rw-r--r-- | debug/Makefile | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/debug/Makefile b/debug/Makefile index 13f15d1..52f9a78 100644 --- a/debug/Makefile +++ b/debug/Makefile @@ -200,6 +200,10 @@ LDFLAGS-tst-backtrace6 = -rdynamic CFLAGS-tst-ssp-1.c += -fstack-protector-all +# Disable compiler optimizations around vsprintf (the function under test). +CFLAGS-tst-sprintf-fortify-unchecked.c = \ + -fno-builtin-vsprintf -fno-builtin-__vsprintf_chk + tests = backtrace-tst \ tst-longjmp_chk \ test-strcpy_chk \ @@ -211,6 +215,7 @@ tests = backtrace-tst \ tst-backtrace5 \ tst-backtrace6 \ tst-realpath-chk \ + tst-sprintf-fortify-unchecked \ $(tests-all-chk) tests-time64 += \ |