This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH v2][BZ #14286] Fix integer overflow in vfwprintf.
- From: OndÅej BÃlka <neleai at seznam dot cz>
- To: Andreas Schwab <schwab at suse dot de>
- Cc: libc-alpha at sourceware dot org
- Date: Mon, 21 Oct 2013 14:38:21 +0200
- Subject: Re: [PATCH v2][BZ #14286] Fix integer overflow in vfwprintf.
- Authentication-results: sourceware.org; auth=none
- References: <20131021082701 dot GA22363 at domone dot podge> <mvmsivv805x dot fsf at hawking dot suse dot de> <20131021093837 dot GA23041 at domone dot podge> <mvmob6j7x0r dot fsf at hawking dot suse dot de>
On Mon, Oct 21, 2013 at 12:12:36PM +0200, Andreas Schwab wrote:
> OndÅej BÃlka <neleai@seznam.cz> writes:
>
> > I copied that from case when malloc fails that if I read code
> > correctly does not set ENOMEM.
>
> Testcase?
>
Here, nothing gets written but errno is 0.
#define _GNU_SOURCE
#include <malloc.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <locale.h>
char *malloc0(size_t s){
return NULL;
}
char s[1000001];
int main(){
setlocale(LC_ALL,"en_US.UTF8");
int i;
FILE *f=fopen("foo","w");
for (i=0;i<1000000;i++)
s[i] = 'x';
s[1000000]=0;
__malloc_hook=malloc0;
int c=fwprintf(f,L"%s",s);
if (errno != ENOMEM)
abort();
}