AuroraMiddleware/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2024-11-21 12:30:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Correct buffer end pointer in IO_wdefault_doallocate (BZ #26874)

Browse Source 
An experimental build of GCC 11 with an enhanced -Warray-bounds
reports a bug in IO_wdefault_doallocate where the function forms
an invalid past-the-end pointer to an allocated wchar_t buffer
by failingf to consider the scaling by sizeof (wchar_t).

The fix path below corrects this problem.  It keeps the buffer
size the same as opposed to increasing it according to what other
code like it does.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
This commit is contained in:
Martin Sebor 2021-03-01 10:35:39 +05:30 committed by Siddhesh Poyarekar
parent 9fb07fd4e1
commit 764e9a0334
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libio/wgenops.c
View File

@ -379,12 +379,11 @@ libc_hidden_def (_IO_wdoallocbuf)
int
_IO_wdefault_doallocate (FILE *fp)
{
wchar_t *buf;
buf = malloc (BUFSIZ);
wchar_t *buf = (wchar_t *)malloc (BUFSIZ);
if (__glibc_unlikely (buf == NULL))
return EOF;
_IO_wsetb (fp, buf, buf + BUFSIZ, 1);
_IO_wsetb (fp, buf, buf + BUFSIZ / sizeof *buf, 1);
return 1;
}
libc_hidden_def (_IO_wdefault_doallocate)