This is the mail archive of the libc-alpha@cygnus.com mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

a variable miss initialized in mbsrtowcs


>Submitter-Id:  net
>Originator:    Shinya Hanataka
>Organization:  no
>Confidential:  no
>Synopsis:      a variable miss initialized in mbsrtowcs
>Severity:      serious
>Priority:      medium
>Category:      libc
>Class:         sw-bug
>Release:       libc-2.1
>Environment:
        PC-clone, pentium CPU, Linux 2.2.5
Host type: i586-pc-linux-gnu
System: Linux chaos 2.2.5 #21 SMP Sun Apr 4 12:52:30 JST 1999 i586 unknown
Architecture: i586
Addons: crypt linuxthreads
Build CFLAGS: -O3 -mpentium
Build CC: gcc
Compiler version: egcs-2.91.66 19990314 (egcs-1.1.2 release)
Kernel headers: 2.2.5
Symbol versioning: yes
Build static: yes
Build shared: yes
Build pic-default: no
Build profile: yes
Build omitfp: no
Build bounded: no
Build static-nss: no
Stdio: libio

>Description:
	In mbsrtowcs, with dst=NULL, data.outbufend is miss initialized,
	because that data.outbuf is not initialized yet.
	This cause endless loop in some environment.
>How-To-Repeat:
	this is initializing probrem, so no repeat statically.
>Fix:
--- glibc-2.1/wcsmbs/mbsrtowcs.c.orig	Mon Apr 19 02:30:02 1999
+++ glibc-2.1/wcsmbs/mbsrtowcs.c	Mon Apr 19 03:14:41 1999
@@ -61,10 +61,10 @@
       const char *srcend = *src + strlen (*src) + 1;
       const char *inbuf = *src;
 
-      data.outbufend = data.outbuf + sizeof (buf);
       do
 	{
 	  data.outbuf = (char *) buf;
+	  data.outbufend = data.outbuf + sizeof (buf);
 
 	  status = (*__wcsmbs_gconv_fcts.towc->fct) (__wcsmbs_gconv_fcts.towc,
 						     &data, &inbuf, srcend,


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]