This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug libc/13446] crash in vfprintf with more than 64 format args and format specifiers

From: "aj at suse dot de" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sources dot redhat dot com
Date: Sun, 18 Dec 2011 06:32:26 +0000
Subject: [Bug libc/13446] crash in vfprintf with more than 64 format args and format specifiers
Auto-submitted: auto-generated
References: <bug-13446-131@http.sourceware.org/bugzilla/>

http://sourceware.org/bugzilla/show_bug.cgi?id=13446

Andreas Jaeger <aj at suse dot de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|FIXED                       |

--- Comment #7 from Andreas Jaeger <aj at suse dot de> 2011-12-18 06:32:26 UTC ---
The patch is wrong, you need to increase nspecs_size in the for loop if you do
a new alloca call.

Otherwise you call alloca every time with nspecs_size*2  - and eventually
override the array

Add after:
 specs = extend_alloca (specs, nspecs_size, 2 * nspecs_size);

a line with:
 nspecs_size = 2 * nspecs_size;

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]