[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

gnulib vasnprintf change introduced a bug

From: Paul Eggert
Subject: gnulib vasnprintf change introduced a bug
Date: Sun, 31 Aug 2014 19:23:53 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0

The recent change to gnulib's vasnprintf module, which replaced 'p - tmp < width' with 'p < tmp + width', did not fix any bugs, and introduced a bug because 'tmp + width' has undefined behavior if the resulting pointer would fall outside the containing buffer (this is true even though the pointer is not dereferenced).

Generally speaking, I don't advise modifying code to pacify GCC on this point. It's better to use -Wno-sign-compare, as the signal-to-noise ratio with -Wsign-compare is too high, and it's too tempting to introduce bugs such as this one.

That being said, I worked around this problem with the attached further patch, which fixes somewhat-related issues that I also noticed.

Attachment: 0001-vasnprintf-fix-bugs-in-width-computation.patch
Description: Text document

reply via email to

[Prev in Thread] Current Thread [Next in Thread]