This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Fix BZ #18757 (fmemopen doesn't fail with invalid modes)


On 09 Aug 2015 20:45, Paul Pluzhnikov wrote:
> On Sun, Aug 9, 2015 at 7:36 PM, Mike Frysinger wrote:
> > On 09 Aug 2015 15:28, Paul Pluzhnikov wrote:
> >> +/* Check valid open mode.  Only "(r|w|a)\+?" are valid.  */
> >
> > this is not what the documentation states:
> 
> AFAICT, only "r", "w", "w+" and "a" are really used by __fmemopen,

i'm not debating what the code actually does, just that your proposed changes
violate the documentation and the guarantees we've made about this API in the
past.  i think that alone means we shouldn't try to tighten down things (at
least beyond what fopen does).

> --- a/libio/fmemopen.c
> +++ b/libio/fmemopen.c
> @@ -149,6 +149,7 @@ __fmemopen (void *buf, size_t len, const char *mode)
>  {
>    cookie_io_functions_t iof;
>    fmemopen_cookie_t *c;
> +  FILE *ret;
>  
>    c = (fmemopen_cookie_t *) calloc (sizeof (fmemopen_cookie_t), 1);
>    if (c == NULL)
> @@ -209,7 +210,16 @@ __fmemopen (void *buf, size_t len, const char *mode)
>    iof.seek = fmemopen_seek;
>    iof.close = fmemopen_close;
>  
> -  return _IO_fopencookie (c, mode, iof);
> +  ret = _IO_fopencookie (c, mode, iof);
> +
> +  if (__glibc_unlikely (ret == NULL))
> +    {
> +      /* BZ #18757 -- set EINVAL  */

should have a period at the end.

> +      __set_errno (EINVAL);
> +      free (c);

i think you also need to free c->buffer when c->mybuffer is true
-mike

Attachment: signature.asc
Description: Digital signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]