bug-gnulib

Re: [PATCH] Re: buggy vfprintf makes printf(1) segfault on freebsd 5.0


From: Jim Meyering
Subject: Re: [PATCH] Re: buggy vfprintf makes printf(1) segfault on freebsd 5.0
Date: Tue, 30 Oct 2007 14:18:38 +0100

Bruno Haible <address@hidden> wrote:
>> >>   freebsd$ ./printf %.2147483647f 1
>> >>   Segmentation fault (core dumped)
>
> I reproduce on NetBSD 3.0, both with the system's printf program and with
> the coreutils printf.
>
> It dumps core for width 50000000 but not for width 10000000. Therefore I
> think it's an unhandled out-of-memory condition.

I concluded the same thing last week when I saw on x86_64
that glibc's printf function tries to mmap a region
just a tiny bit smaller than 2^64.  Actual size happened
to be 2^64 - 2^31 + 2^12.  It didn't succeed.  BTW, that's the
value you get when interpreting a 32-bit-wrapped (2147483647+1+4k)
aka -2147479552 as an unsigned 64-bit (size_t) quantity.
I've just reported it: http://bugzilla.redhat.com/358111

...
> It's the xprintf.c code which calls vprintf(), bypassing printf(). Since
> this is a detail that the gnulib user should not know about, we should
> introduce a module 'xprintf-posix' that causes xprintf to have POSIX
> semantics for the formatted output. It will depend on xprintf and
> vprintf-posix. I'll do it later today if you don't beat me to it.

That makes sense.
It will be less invasive, too.
Thanks.  I'll let you do it :)
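
The size arithmetic described in the message above, as an added example (not part of the original message, and not code from glibc, coreutils or gnulib). It models how 2147483647+1+4k wraps in 32 bits and becomes 2^64 - 2^31 + 2^12 as a 64-bit size_t, next to a checked computation; the function names and the MAX_REQUEST cap are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define SLACK 4096u            /* the "4k" in the message */
#define MAX_REQUEST (1u << 20) /* hypothetical policy cap (an assumption) */

/* Model of the wrap: precision + 1 + 4k computed in 32 bits, then
   sign-extended to a 64-bit size.  Unsigned arithmetic keeps the wrap
   well defined; the uint32_t -> int32_t conversion is
   implementation-defined and is two's complement on mainstream compilers. */
uint64_t wrapped_request(int precision)
{
    uint32_t sum32 = (uint32_t)precision + 1u + SLACK; /* wraps mod 2^32 */
    int32_t as_int = (int32_t)sum32;                   /* now negative */
    return (uint64_t)(int64_t)as_int;                  /* sign extension */
}

/* Checked variant: widen before adding, then reject sizes over the cap
   so the caller can report an error instead of attempting the request. */
bool checked_request(int precision, uint64_t *out)
{
    if (precision < 0)
        return false;
    uint64_t need = (uint64_t)precision + 1u + SLACK;
    if (need > MAX_REQUEST)
        return false;
    *out = need;
    return true;
}

int main(void)
{
    uint64_t n = 0;
    uint64_t w = wrapped_request(2147483647);
    printf("wrapped request: %llu bytes (as signed: %lld)\n",
           (unsigned long long)w, (long long)(int64_t)w);
    bool huge_ok = checked_request(2147483647, &n);
    printf("checked, precision 2147483647: %s\n",
           huge_ok ? "accepted" : "rejected");
    bool small_ok = checked_request(2, &n);
    printf("checked, precision 2: %s, %llu bytes\n",
           small_ok ? "accepted" : "rejected", (unsigned long long)n);
    return 0;
}
```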
