This is the mail archive of the newlib@sourceware.org mailing list for the newlib project.
Re: Bug in _VFPRINTF_R
> Ok. Thanks Eric.
>
> -- Jeff J.
Slightly optimized patch checked in:
Index: libc/stdio/vfprintf.c
===================================================================
RCS file: /cvs/src/src/newlib/libc/stdio/vfprintf.c,v
retrieving revision 1.65
diff -u -p -r1.65 vfprintf.c
--- libc/stdio/vfprintf.c 19 Jul 2007 03:42:21 -0000 1.65
+++ libc/stdio/vfprintf.c 17 Sep 2007 20:08:02 -0000
@@ -1029,10 +1029,17 @@ reswitch: switch (ch) {
case 'S':
#endif
sign = '\0';
- if ((cp = GET_ARG (N, ap, char_ptr_t)) == NULL) {
+ cp = GET_ARG (N, ap, char_ptr_t);
+#ifndef __OPTIMIZE_SIZE__
+ /* Behavior is undefined if the user passed a
+ NULL string when precision is not 0.
+ However, if we are not optimizing for size,
+ we might as well mirror glibc behavior. */
+ if (cp == NULL) {
cp = "(null)";
- size = 6;
+ size = ((unsigned) prec > 6U) ? 6 : prec;
}
+#endif /* __OPTIMIZE_SIZE__ */
#ifdef _MB_CAPABLE
else if (ch == 'S' || (flags & LONGINT)) {
mbstate_t ps;
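Review bot: With `__OPTIMIZE_SIZE__` defined, the `if (cp == NULL)` block is compiled out while the `else if (ch == 'S' || (flags & LONGINT))` under `#ifdef _MB_CAPABLE` is still compiled, so that `else` has no `if` to attach to and the file will not build in that configuration. Keep the `else` inside the guarded region (end the `#ifndef __OPTIMIZE_SIZE__` block with a bare `else` just before the `#endif`) and turn the following branch into a plain `if`. Two smaller points: `#endif /* __OPTIMIZE_SIZE__ */` closes an `#ifndef`, so `/* !__OPTIMIZE_SIZE__ */` would read more accurately, and a one-line comment on why `prec` is cast to unsigned in the `size` assignment would help the next reader.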
Oh, and on further thought,
printf("%.s", (char*)NULL)
is a special case. POSIX is clear that when precision is specified,
*printf must not dereference beyond the specified precision, so the
pointer must be effectively ignored when the string precision is 0.
I concede that my initial assessment that passing NULL to %s is
_always_ undefined was wrong (rather, passing NULL to %s is
undefined only iff the precision is unspecified or non-zero). And
yes, I verified that my patch is correct in obeying this corner case
whether or not we are optimizing for size, before checking it in.
--
Eric Blake
--
View this message in context: http://www.nabble.com/Bug-in-_VFPRINTF_R-tf4444608.html#a12744288
Sent from the Sourceware - newlib list mailing list archive at Nabble.com.
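
The precision rule described in this message, as an added C example that is not part of the original post or of newlib's code: a hypothetical helper `str_conv_size` decides which bytes a `%s` conversion may emit without reading past the precision. The helper name, the `null_fallback` parameter, the -1 return value and the `RAW4` sample buffer are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: four bytes with no terminating NUL. */
static const char RAW4[4] = { 'a', 'b', 'c', 'd' };

/* Hypothetical helper, not a newlib function.  prec < 0 means no
   precision was given.  Stores the first byte to print in *out and
   returns the byte count, or -1 when the pointer is NULL, bytes are
   wanted, and no "(null)" fallback is compiled in (undefined case). */
static int
str_conv_size (const char *cp, int prec, int null_fallback, const char **out)
{
  if (cp == NULL)
    {
      if (prec == 0)
        {
          *out = "";            /* nothing may be read: ignore pointer */
          return 0;
        }
      if (!null_fallback)
        return -1;
      *out = "(null)";
      /* Same expression as the patch: a negative prec turns into a
         large unsigned value, which selects all 6 bytes. */
      return ((unsigned) prec > 6U) ? 6 : prec;
    }
  *out = cp;
  if (prec >= 0)
    {
      /* Examine at most prec bytes, so a buffer without a NUL inside
         that window is never overrun. */
      const char *nul = memchr (cp, '\0', (size_t) prec);
      return nul != NULL ? (int) (nul - cp) : prec;
    }
  return (int) strlen (cp);
}

int
main (void)
{
  const char *p;
  int n = str_conv_size (RAW4, 4, 1, &p);
  printf ("[%.*s]\n", n, p);
  n = str_conv_size (NULL, 3, 1, &p);
  printf ("[%.*s]\n", n, p);
  return 0;
}
```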