Bug#609756: vsnprintf segfaults on second attempt with alloca
Package: libc6
Version: 2.7-18lenny7
Changing to alloca malloc does not help.
/*
fprint.c - unistdio fprint function - Andrew Buckeridge
*/
#include <stdio.h>
#include <stdarg.h>
#include <unistd.h>
#include <stdlib.h>
#include "fprint.h"
/*
#include <string.h>
*/
/* +Ve == bytes written -Ve == bytes required */
int vfnprint(int fdout, int r, const char *fmt, va_list ap)
{
int i;
char *p;
p=malloc(r);
p[r-1]='\0';
/*
memset(p,0,r);
*/
/* NB: alloca may return shit, but no it _IS_ vsnprintf */
fprintf(stderr,"\nvsnprintf(%d,%d,%p,...)=",fdout,r,fmt);
/* segfault inside this */
i=vsnprintf(p,r,fmt,ap);
fprintf(stderr,"=%d\n",i);
if(i<0) {
free(p);
return 1-2*r;
}
if(i<r) {
i=((write(fdout,p,i))==i)?i:-1;
free(p);
return i;
}
free(p);
return -i;
}
/* +Ve == bytes written -Ve == failure */
int vfprint(int fdout, const char *fmt, va_list ap)
{
int i=NONSTDBUF;
i=vfnprint(fdout, i, fmt, ap);
if(i<-1)
i=vfnprint(fdout, 1-i, fmt, ap);
return i;
}
int fprint(int fdout, const char *fmt, ...)
{
va_list ap;
int r;
va_start(ap, fmt);
r=vfprint(fdout, fmt, ap);
va_end(ap);
return r;
}
Reply to: