+2006-08-14 Ulrich Drepper <drepper@redhat.com>
+
+ [BZ #1996]
+ * libio/memstream.c (open_memstream): Allocate initial buffer with
+ calloc.
+ * libio/wmemstream.c (open_wmemstream): Likewise.
+ * libio/strops.c: Pretty printing.
+ (_IO_str_overflow): Clear uninitialized part of the new buffer.
+ (enlarge_userbuf): New function.
+ (_IO_str_seekoff): Call it if seek position is larger than current
+ buffer.
+ * libio/wstrops.c: Likewise.
+ * libio/vasprintf.c: Add comment as to why we do not have to use
+ calloc instead of malloc to allocate initial buffer.
+ * libio/Makefile (tests): Add bug-memstream1 and bug-wmemstream1.
+ * libio/bug-memstream1.c: New file.
+ * libio/bug-wmemstream1.c: New file.
+
2006-08-13 Ulrich Drepper <drepper@redhat.com>
* libio/wstrops.c: Remove dead macro definitions and comments.
tst-mmap2-eofsync tst-mmap-offend bug-fopena+ bug-wfflush \
bug-ungetc2 bug-ftell bug-ungetc3 bug-ungetc4 tst-fopenloc2 \
tst-memstream1 tst-memstream2 \
- tst-wmemstream1 tst-wmemstream2
+ tst-wmemstream1 tst-wmemstream2 \
+ bug-memstream1 bug-wmemstream1
test-srcs = test-freopen
all: # Make this the default target; it will be defined in Rules.
--- /dev/null
+#include <stdio.h>
+#include <string.h>
+
+
+static int
+do_test (void)
+{
+ size_t size;
+ char *buf;
+ FILE *fp = open_memstream (&buf, &size);
+ if (fp == NULL)
+ {
+ puts ("open_memstream failed");
+ return 1;
+ }
+
+ off64_t off = ftello64 (fp);
+ if (off != 0)
+ {
+ puts ("initial position wrong");
+ return 1;
+ }
+
+ if (fseek (fp, 32768, SEEK_SET) != 0)
+ {
+ puts ("fseek failed");
+ return 1;
+ }
+
+ if (fputs ("foo", fp) == EOF)
+ {
+ puts ("fputs failed");
+ return 1;
+ }
+
+ if (fclose (fp) == EOF)
+ {
+ puts ("fclose failed");
+ return 1;
+ }
+
+ if (size != 32768 + 3)
+ {
+ printf ("expected size %d, got %zu\n", 32768 + 3, size);
+ return 1;
+ }
+
+ for (int i = 0; i < 32768; ++i)
+ if (buf[i] != '\0')
+ {
+ printf ("byte at offset %d is %#hhx\n", i, buf[i]);
+ return 1;
+ }
+
+ if (memcmp (buf + 32768, "foo", 3) != 0)
+ {
+ puts ("written string incorrect");
+ return 1;
+ }
+
+ /* Mark the buffer. */
+ memset (buf, 'A', size);
+ free (buf);
+
+ /* Try again, this time with write mode enabled before the seek. */
+ fp = open_memstream (&buf, &size);
+ if (fp == NULL)
+ {
+ puts ("2nd open_memstream failed");
+ return 1;
+ }
+
+ off = ftello64 (fp);
+ if (off != 0)
+ {
+ puts ("2nd initial position wrong");
+ return 1;
+ }
+
+ if (fputs ("bar", fp) == EOF)
+ {
+ puts ("2nd fputs failed");
+ return 1;
+ }
+
+ if (fseek (fp, 32768, SEEK_SET) != 0)
+ {
+ puts ("2nd fseek failed");
+ return 1;
+ }
+
+ if (fputs ("foo", fp) == EOF)
+ {
+ puts ("3rd fputs failed");
+ return 1;
+ }
+
+ if (fclose (fp) == EOF)
+ {
+ puts ("2nd fclose failed");
+ return 1;
+ }
+
+ if (size != 32768 + 3)
+ {
+ printf ("2nd expected size %d, got %zu\n", 32768 + 3, size);
+ return 1;
+ }
+
+ if (memcmp (buf, "bar", 3) != 0)
+ {
+ puts ("initial string incorrect in 2nd try");
+ return 1;
+ }
+
+ for (int i = 3; i < 32768; ++i)
+ if (buf[i] != '\0')
+ {
+ printf ("byte at offset %d is %#hhx in 2nd try\n", i, buf[i]);
+ return 1;
+ }
+
+ if (memcmp (buf + 32768, "foo", 3) != 0)
+ {
+ puts ("written string incorrect in 2nd try");
+ return 1;
+ }
+
+ return 0;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
--- /dev/null
+#include <stdio.h>
+#include <string.h>
+
+
+static int
+do_test (void)
+{
+ size_t size;
+ wchar_t *buf;
+ FILE *fp = open_wmemstream (&buf, &size);
+ if (fp == NULL)
+ {
+ puts ("open_wmemstream failed");
+ return 1;
+ }
+
+ off64_t off = ftello64 (fp);
+ if (off != 0)
+ {
+ puts ("initial position wrong");
+ return 1;
+ }
+
+ if (fseek (fp, 32768, SEEK_SET) != 0)
+ {
+ puts ("fseek failed");
+ return 1;
+ }
+
+ if (fputws (L"foo", fp) == EOF)
+ {
+ puts ("fputws failed");
+ return 1;
+ }
+
+ if (fclose (fp) == EOF)
+ {
+ puts ("fclose failed");
+ return 1;
+ }
+
+ if (size != 32768 + 3)
+ {
+ printf ("expected size %d, got %zu\n", 32768 + 3, size);
+ return 1;
+ }
+
+ for (int i = 0; i < 32768; ++i)
+ if (buf[i] != L'\0')
+ {
+ printf ("wide character at offset %d is %#x\n",
+ i, (unsigned int) buf[i]);
+ return 1;
+ }
+
+ if (wmemcmp (buf + 32768, L"foo", 3) != 0)
+ {
+ puts ("written string incorrect");
+ return 1;
+ }
+
+ /* Mark the buffer. */
+ wmemset (buf, L'A', size);
+ free (buf);
+
+ /* Try again, this time with write mode enabled before the seek. */
+ fp = open_wmemstream (&buf, &size);
+ if (fp == NULL)
+ {
+ puts ("2nd open_wmemstream failed");
+ return 1;
+ }
+
+ off = ftello64 (fp);
+ if (off != 0)
+ {
+ puts ("2nd initial position wrong");
+ return 1;
+ }
+
+ if (fputws (L"bar", fp) == EOF)
+ {
+ puts ("2nd fputws failed");
+ return 1;
+ }
+
+ if (fseek (fp, 32768, SEEK_SET) != 0)
+ {
+ puts ("2nd fseek failed");
+ return 1;
+ }
+
+ if (fputws (L"foo", fp) == EOF)
+ {
+ puts ("3rd fputws failed");
+ return 1;
+ }
+
+ if (fclose (fp) == EOF)
+ {
+ puts ("2nd fclose failed");
+ return 1;
+ }
+
+ if (size != 32768 + 3)
+ {
+ printf ("2nd expected size %d, got %zu\n", 32768 + 3, size);
+ return 1;
+ }
+
+ if (wmemcmp (buf, L"bar", 3) != 0)
+ {
+ puts ("initial string incorrect in 2nd try");
+ return 1;
+ }
+
+ for (int i = 3; i < 32768; ++i)
+ if (buf[i] != L'\0')
+ {
+ printf ("wide character at offset %d is %#x in 2nd try\n",
+ i, (unsigned int) buf[i]);
+ return 1;
+ }
+
+ if (wmemcmp (buf + 32768, L"foo", 3) != 0)
+ {
+ puts ("written string incorrect in 2nd try");
+ return 1;
+ }
+
+ return 0;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
new_f->fp._sf._sbf._f._lock = &new_f->lock;
#endif
- buf = malloc (_IO_BUFSIZ);
+ buf = calloc (1, _IO_BUFSIZ);
if (buf == NULL)
return NULL;
INTUSE(_IO_init) (&new_f->fp._sf._sbf._f, 0);
This exception applies to code released by its copyright holders
in files containing the exception. */
+#include <assert.h>
#include "strfile.h"
#include "libioP.h"
#include <string.h>
fp->_IO_write_ptr = fp->_IO_read_ptr;
fp->_IO_read_ptr = fp->_IO_read_end;
}
- pos = fp->_IO_write_ptr - fp->_IO_write_base;
+ pos = fp->_IO_write_ptr - fp->_IO_write_base;
if (pos >= (_IO_size_t) (_IO_blen (fp) + flush_only))
{
if (fp->_flags & _IO_USER_BUF) /* not allowed to enlarge */
{
char *new_buf;
char *old_buf = fp->_IO_buf_base;
- _IO_size_t new_size = 2 * _IO_blen (fp) + 100;
+ size_t old_blen = _IO_blen (fp);
+ _IO_size_t new_size = 2 * old_blen + 100;
+ if (new_size < old_blen)
+ return EOF;
new_buf
= (char *) (*((_IO_strfile *) fp)->_s._allocate_buffer) (new_size);
if (new_buf == NULL)
}
if (old_buf)
{
- memcpy (new_buf, old_buf, _IO_blen (fp));
+ memcpy (new_buf, old_buf, old_blen);
(*((_IO_strfile *) fp)->_s._free_buffer) (old_buf);
/* Make sure _IO_setb won't try to delete _IO_buf_base. */
fp->_IO_buf_base = NULL;
}
-#if 0
- if (lenp == &LEN(fp)) /* use '\0'-filling */
- memset (new_buf + pos, 0, blen() - pos);
-#endif
+ memset (new_buf + old_blen, '\0', new_size - old_blen);
+
INTUSE(_IO_setb) (fp, new_buf, new_buf + new_size, 1);
fp->_IO_read_base = new_buf + (fp->_IO_read_base - old_buf);
fp->_IO_read_ptr = new_buf + (fp->_IO_read_ptr - old_buf);
- fp->_IO_read_base);
}
+
+static int
+enlarge_userbuf (_IO_FILE *fp, _IO_off64_t offset, int reading)
+{
+ if ((_IO_ssize_t) offset <= _IO_blen (fp))
+ return 0;
+
+ _IO_ssize_t oldend = fp->_IO_write_end - fp->_IO_write_base;
+
+ /* Try to enlarge the buffer. */
+ if (fp->_flags & _IO_USER_BUF)
+ /* User-provided buffer. */
+ return 1;
+
+ _IO_size_t newsize = offset + 100;
+ char *oldbuf = fp->_IO_buf_base;
+ char *newbuf
+ = (char *) (*((_IO_strfile *) fp)->_s._allocate_buffer) (newsize);
+ if (newbuf == NULL)
+ return 1;
+
+ if (oldbuf != NULL)
+ {
+ memcpy (newbuf, oldbuf, _IO_blen (fp));
+ (*((_IO_strfile *) fp)->_s._free_buffer) (oldbuf);
+ /* Make sure _IO_setb won't try to delete
+ _IO_buf_base. */
+ fp->_IO_buf_base = NULL;
+ }
+
+ INTUSE(_IO_setb) (fp, newbuf, newbuf + newsize, 1);
+
+ if (reading)
+ {
+ fp->_IO_write_base = newbuf + (fp->_IO_write_base - oldbuf);
+ fp->_IO_write_ptr = newbuf + (fp->_IO_write_ptr - oldbuf);
+ fp->_IO_write_end = newbuf + (fp->_IO_write_end - oldbuf);
+ fp->_IO_read_ptr = newbuf + (fp->_IO_read_ptr - oldbuf);
+
+ fp->_IO_read_base = newbuf;
+ fp->_IO_read_end = fp->_IO_buf_end;
+ }
+ else
+ {
+ fp->_IO_read_base = newbuf + (fp->_IO_read_base - oldbuf);
+ fp->_IO_read_ptr = newbuf + (fp->_IO_read_ptr - oldbuf);
+ fp->_IO_read_end = newbuf + (fp->_IO_read_end - oldbuf);
+ fp->_IO_write_ptr = newbuf + (fp->_IO_write_ptr - oldbuf);
+
+ fp->_IO_write_base = newbuf;
+ fp->_IO_write_end = fp->_IO_buf_end;
+ }
+
+ /* Clear the area between the last write position and th
+ new position. */
+ assert (offset >= oldend);
+ if (reading)
+ memset (fp->_IO_read_base + oldend, '\0', offset - oldend);
+ else
+ memset (fp->_IO_write_base + oldend, '\0', offset - oldend);
+
+ return 0;
+}
+
+
_IO_off64_t
_IO_str_seekoff (fp, offset, dir, mode)
_IO_FILE *fp;
default: /* case _IO_seek_set: */
break;
}
- if (offset < 0 || (_IO_ssize_t) offset > cur_size)
+ if (offset < 0)
+ return EOF;
+ if ((_IO_ssize_t) offset > cur_size
+ && enlarge_userbuf (fp, offset, 1) != 0)
return EOF;
fp->_IO_read_ptr = fp->_IO_read_base + offset;
fp->_IO_read_end = fp->_IO_read_base + cur_size;
default: /* case _IO_seek_set: */
break;
}
- if (offset < 0 || (_IO_ssize_t) offset > cur_size)
+ if (offset < 0)
+ return EOF;
+ if ((_IO_ssize_t) offset > cur_size
+ && enlarge_userbuf (fp, offset, 0) != 0)
return EOF;
fp->_IO_write_ptr = fp->_IO_write_base + offset;
new_pos = offset;
int ret;
_IO_size_t needed;
_IO_size_t allocated;
+ /* No need to clear the memory here (unlike for open_memstream) since
+ we know we will never seek on the stream. */
string = (char *) malloc (init_string_size);
if (string == NULL)
return -1;
new_f->fp._sf._sbf._f._lock = &new_f->lock;
#endif
- buf = malloc (_IO_BUFSIZ);
+ buf = calloc (1, _IO_BUFSIZ);
if (buf == NULL)
return NULL;
This exception applies to code released by its copyright holders
in files containing the exception. */
+#include <assert.h>
#include "strfile.h"
#include "libioP.h"
#include <string.h>
fp->_wide_data->_IO_read_end = end;
}
/* A null _allocate_buffer function flags the strfile as being static. */
- (((_IO_strfile *) fp)->_s._allocate_buffer) = (_IO_alloc_type)0;
+ (((_IO_strfile *) fp)->_s._allocate_buffer) = (_IO_alloc_type)0;
}
_IO_wint_t
fp->_wide_data->_IO_write_ptr = fp->_wide_data->_IO_read_ptr;
fp->_wide_data->_IO_read_ptr = fp->_wide_data->_IO_read_end;
}
- pos = fp->_wide_data->_IO_write_ptr - fp->_wide_data->_IO_write_base;
+ pos = fp->_wide_data->_IO_write_ptr - fp->_wide_data->_IO_write_base;
if (pos >= (_IO_size_t) (_IO_wblen (fp) + flush_only))
{
if (fp->_flags & _IO_USER_BUF) /* not allowed to enlarge */
{
wchar_t *new_buf;
wchar_t *old_buf = fp->_wide_data->_IO_buf_base;
- _IO_size_t new_size = 2 * _IO_wblen (fp) + 100;
+ size_t old_wblen = _IO_wblen (fp);
+ _IO_size_t new_size = 2 * old_wblen + 100;
+ if (new_size < old_wblen)
+ return EOF;
new_buf
= (wchar_t *) (*((_IO_strfile *) fp)->_s._allocate_buffer) (new_size
* sizeof (wchar_t));
}
if (old_buf)
{
- __wmemcpy (new_buf, old_buf, _IO_wblen (fp));
+ __wmemcpy (new_buf, old_buf, old_wblen);
(*((_IO_strfile *) fp)->_s._free_buffer) (old_buf);
/* Make sure _IO_setb won't try to delete _IO_buf_base. */
fp->_wide_data->_IO_buf_base = NULL;
}
+
+ wmemset (new_buf + old_wblen, L'\0', new_size - old_wblen);
+
INTUSE(_IO_wsetb) (fp, new_buf, new_buf + new_size, 1);
fp->_wide_data->_IO_read_base =
new_buf + (fp->_wide_data->_IO_read_base - old_buf);
return c;
}
+
_IO_wint_t
_IO_wstr_underflow (fp)
_IO_FILE *fp;
return WEOF;
}
-/* The size of the valid part of the buffer. */
+/* The size of the valid part of the buffer. */
_IO_ssize_t
_IO_wstr_count (fp)
_IO_FILE *fp;
{
- return ((fp->_wide_data->_IO_write_ptr > fp->_wide_data->_IO_read_end
- ? fp->_wide_data->_IO_write_ptr : fp->_wide_data->_IO_read_end)
- - fp->_wide_data->_IO_read_base);
+ struct _IO_wide_data *wd = fp->_wide_data;
+
+ return ((wd->_IO_write_ptr > wd->_IO_read_end
+ ? wd->_IO_write_ptr : wd->_IO_read_end)
+ - wd->_IO_read_base);
}
+
+static int
+enlarge_userbuf (_IO_FILE *fp, _IO_off64_t offset, int reading)
+{
+ if ((_IO_ssize_t) offset <= _IO_blen (fp))
+ return 0;
+
+ struct _IO_wide_data *wd = fp->_wide_data;
+
+ _IO_ssize_t oldend = wd->_IO_write_end - wd->_IO_write_base;
+
+ /* Try to enlarge the buffer. */
+ if (fp->_flags & _IO_USER_BUF)
+ /* User-provided buffer. */
+ return 1;
+
+ _IO_size_t newsize = offset + 100;
+ wchar_t *oldbuf = wd->_IO_buf_base;
+ wchar_t *newbuf
+ = (wchar_t *) (*((_IO_strfile *) fp)->_s._allocate_buffer) (newsize
+ * sizeof (wchar_t));
+ if (newbuf == NULL)
+ return 1;
+
+ if (oldbuf != NULL)
+ {
+ __wmemcpy (newbuf, oldbuf, _IO_wblen (fp));
+ (*((_IO_strfile *) fp)->_s._free_buffer) (oldbuf);
+ /* Make sure _IO_setb won't try to delete
+ _IO_buf_base. */
+ wd->_IO_buf_base = NULL;
+ }
+
+ INTUSE(_IO_wsetb) (fp, newbuf, newbuf + newsize, 1);
+
+ if (reading)
+ {
+ wd->_IO_write_base = newbuf + (wd->_IO_write_base - oldbuf);
+ wd->_IO_write_ptr = newbuf + (wd->_IO_write_ptr - oldbuf);
+ wd->_IO_write_end = newbuf + (wd->_IO_write_end - oldbuf);
+ wd->_IO_read_ptr = newbuf + (wd->_IO_read_ptr - oldbuf);
+
+ wd->_IO_read_base = newbuf;
+ wd->_IO_read_end = wd->_IO_buf_end;
+ }
+ else
+ {
+ wd->_IO_read_base = newbuf + (wd->_IO_read_base - oldbuf);
+ wd->_IO_read_ptr = newbuf + (wd->_IO_read_ptr - oldbuf);
+ wd->_IO_read_end = newbuf + (wd->_IO_read_end - oldbuf);
+ wd->_IO_write_ptr = newbuf + (wd->_IO_write_ptr - oldbuf);
+
+ wd->_IO_write_base = newbuf;
+ wd->_IO_write_end = wd->_IO_buf_end;
+ }
+
+ /* Clear the area between the last write position and th
+ new position. */
+ assert (offset >= oldend);
+ if (reading)
+ wmemset (wd->_IO_read_base + oldend, L'\0', offset - oldend);
+ else
+ wmemset (wd->_IO_write_base + oldend, L'\0', offset - oldend);
+
+ return 0;
+}
+
+
_IO_off64_t
_IO_wstr_seekoff (fp, offset, dir, mode)
_IO_FILE *fp;
default: /* case _IO_seek_set: */
break;
}
- if (offset < 0 || (_IO_ssize_t) offset > cur_size)
+ if (offset < 0)
+ return EOF;
+ if ((_IO_ssize_t) offset > cur_size
+ && enlarge_userbuf (fp, offset, 1) != 0)
return EOF;
fp->_wide_data->_IO_read_ptr = (fp->_wide_data->_IO_read_base
+ offset);
default: /* case _IO_seek_set: */
break;
}
- if (offset < 0 || (_IO_ssize_t) offset > cur_size)
+ if (offset < 0)
+ return EOF;
+ if ((_IO_ssize_t) offset > cur_size
+ && enlarge_userbuf (fp, offset, 0) != 0)
return EOF;
fp->_wide_data->_IO_write_ptr = (fp->_wide_data->_IO_write_base
+ offset);