From patchwork Fri Aug 5 17:40:49 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella X-Patchwork-Id: 73374 Delivered-To: patch@linaro.org Received: by 10.140.29.52 with SMTP id a49csp2053037qga; Fri, 5 Aug 2016 10:41:31 -0700 (PDT) X-Received: by 10.66.237.71 with SMTP id va7mr112170055pac.5.1470418891740; Fri, 05 Aug 2016 10:41:31 -0700 (PDT) Return-Path: Received: from sourceware.org (server1.sourceware.org. [209.132.180.131]) by mx.google.com with ESMTPS id dz8si21364646pab.269.2016.08.05.10.41.31 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 05 Aug 2016 10:41:31 -0700 (PDT) Received-SPF: pass (google.com: domain of libc-alpha-return-72324-patch=linaro.org@sourceware.org designates 209.132.180.131 as permitted sender) client-ip=209.132.180.131; Authentication-Results: mx.google.com; dkim=pass header.i=@sourceware.org; spf=pass (google.com: domain of libc-alpha-return-72324-patch=linaro.org@sourceware.org designates 209.132.180.131 as permitted sender) smtp.mailfrom=libc-alpha-return-72324-patch=linaro.org@sourceware.org; dmarc=fail (p=NONE dis=NONE) header.from=linaro.org DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id; q=dns; s= default; b=ACsbx/c7vGw5Uiz1ID7GCds9OEN8ceaMJZsTXWjtTGPdh7WBM7mGo NDWUrsyddYG0lKufjgv5FOdAI3mzsunx7tT9YklGqCwqfccRcNRGkDnxZ65aAasu 3VD7H8OIQWTLf8Ur4OnrMI1Z5tHD6rl2a3ryBwors7JkeiUD0qaKdI= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id; s=default; bh=3e4XqWSoo0i/fxpsUp6yqcHh8nU=; b=yy0iTVOgZT2m2LccxQB3hAJvztx9 M1laCnBec3OEJT20TIUI6t30Fhss4BYcFEm9OIHAABQPOcep2L23pqDNUyHzQ1qF yEH3p/MSuL9GI0odmdw+JS9zV6KrOzcf0v0fV8tH9AMVly/R2KXhtH8fT1mXJ/Gx MXxgtBd0pGdgQdk= Received: (qmail 50566 invoked by alias); 5 Aug 2016 17:41:19 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 50555 invoked by uid 89); 5 Aug 2016 17:41:18 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE, SPF_PASS autolearn=ham version=3.3.2 spammy=read, write, libio, EOF, eof X-HELO: mail-yw0-f179.google.com X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:subject:date:message-id; bh=KGPjWUAZbk2FwtsgbM1m4fwvhWn27DDU8LJAxD+qSVo=; b=TH4+PMVFzT2Iqpmu3OPFCBYVZozTc1UQqQaAUieYsS+InBr9EDbktoBWcpY2W075+V DDvhzNFL4VLkIhOBU3VI2iZcKvNeBtUWtqtg0RVlVhWuMJdfIO2JJOJ+kr1Rucy6HYNn nR03h7aA5muWOq4oKbSBUPEPUzXjxfOIP0eFDN96+CQavZHTbAapBoDuPyvz5koK5DPU g57tGAyNYfz71q/haJtxcxZWwQ3NQjkvodRfrMoNKi+J+/zTeRDaKmaBmjujw+Sxt6Yq yZSEABfdQRxb2qdPa9mx9XTiT4W8nHucubDo2RYTuB1zg0s+WD35krvnggdye9trqLdX bOVA== X-Gm-Message-State: AEkooutt9/fyScKhKfBOHKjaOhqiTarxSV19eTTBzG15ETjMQuzweyIbac+Le+l6J2njxDrA X-Received: by 10.13.229.69 with SMTP id o66mr21812510ywe.286.1470418865437; Fri, 05 Aug 2016 10:41:05 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Subject: [PATCH 1/2] libio: Multiple fixes for open_{w}memstram (BZ#18241 and BZ#20181) Date: Fri, 5 Aug 2016 14:40:49 -0300 Message-Id: <1470418850-22175-1-git-send-email-adhemerval.zanella@linaro.org> This patches fixes multiples issues on open_{w}memstream reported on both BZ#18241 and BZ#20181: - failed fseek does not set errno. - negative offset in fseek fails even when resulting position is a valid one. - a flush after write if the current write position is not at the end of the stream currupt data. The main fix is on seek operation for memstream (_IO_{w}str_seekoff), where both _IO_read_ptr and _IO_read_end pointer are updated if a write operation has occured (similar to default file operations). Also, to calculate the offset on both read and write pointers, a temporary value is instead of updating the argument supplied value. Negative offset are valid if resulting internal pointer is within the range of _IO_{read,write}_base and _IO_{read,write}_end. For invalid position a different return error than EOF is used so _IO_seekoff_unlocked can set errno accordingly. Also POSIX states that a null or wide null shall be appended to the current buffer iff a write moves the position to a value larger than the current lenght. Current implementation appends a null or wide null regardless of this condition. This patch fixes it by removing the 'else' condition on _IO_{w}mem_sync. Checked on x86_64. [BZ #18241] [BZ #20181] * libio/Makefile (test): Add tst-memstream3 and tst-wmemstream3. * libio/ioseekoff.c (_IO_seekoff_unlocked): Check if _IO_SEEKOFF returns an invalid position and set errno accordingly. * libio/libioP.h (INVALPOS): New define. * libio/memstream.c (_IO_mem_sync): Only append a null byte if write position is at the end the buffer. * libio/wmemstream.c (_IO_wmem_sync): Likewise. * libio/strops.c (_IO_str_switch_to_get_mode): New function. (_IO_str_seekoff): Set correct offset from negative displacement and return INVALPOS for invalid ones. * libio/wstrops.c (enlarge_userbuf): Use correct function to calculate buffer length. (_IO_wstr_switch_to_get_mode): New function. (_IO_wstr_seekoff): Set correct offset from negative displacement and return INVALPOS for invalid ones. * libio/tst-memstream3.c: New file. * libio/tst-wmemstream3.c: Likewise. * manual/examples/memstrm.c: Remove warning when priting size_t. --- ChangeLog | 23 +++++++ libio/Makefile | 4 +- libio/ioseekoff.c | 8 ++- libio/libioP.h | 1 + libio/memstream.c | 2 - libio/strops.c | 75 ++++++++++++++-------- libio/tst-memstream3.c | 155 ++++++++++++++++++++++++++++++++++++++++++++++ libio/tst-wmemstream3.c | 44 +++++++++++++ libio/wmemstream.c | 2 - libio/wstrops.c | 79 +++++++++++++++-------- manual/examples/memstrm.c | 4 +- 11 files changed, 335 insertions(+), 62 deletions(-) create mode 100644 libio/tst-memstream3.c create mode 100644 libio/tst-wmemstream3.c -- 2.7.4 diff --git a/libio/Makefile b/libio/Makefile index 12589f2..0c7751c 100644 --- a/libio/Makefile +++ b/libio/Makefile @@ -56,8 +56,8 @@ tests = tst_swprintf tst_wprintf tst_swscanf tst_wscanf tst_getwc tst_putwc \ tst-mmap-eofsync tst-mmap-fflushsync bug-mmap-fflush \ tst-mmap2-eofsync tst-mmap-offend bug-fopena+ bug-wfflush \ bug-ungetc2 bug-ftell bug-ungetc3 bug-ungetc4 tst-fopenloc2 \ - tst-memstream1 tst-memstream2 \ - tst-wmemstream1 tst-wmemstream2 \ + tst-memstream1 tst-memstream2 tst-memstream3 \ + tst-wmemstream1 tst-wmemstream2 tst-wmemstream3 \ bug-memstream1 bug-wmemstream1 \ tst-setvbuf1 tst-popen1 tst-fgetwc bug-wsetpos tst-fseek \ tst-fwrite-error tst-ftell-partial-wide tst-ftell-active-handler \ diff --git a/libio/ioseekoff.c b/libio/ioseekoff.c index 05d90bb..aff63bc 100644 --- a/libio/ioseekoff.c +++ b/libio/ioseekoff.c @@ -62,7 +62,13 @@ _IO_seekoff_unlocked (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode) _IO_free_wbackup_area (fp); } - return _IO_SEEKOFF (fp, offset, dir, mode); + _IO_off64_t result = _IO_SEEKOFF (fp, offset, dir, mode); + if (result == INVALPOS) + { + __set_errno (EINVAL); + return EOF; + } + return result; } diff --git a/libio/libioP.h b/libio/libioP.h index 3e12876..e12109b 100644 --- a/libio/libioP.h +++ b/libio/libioP.h @@ -717,6 +717,7 @@ extern _IO_off64_t _IO_seekpos_unlocked (_IO_FILE *, _IO_off64_t, int) #ifndef EOF # define EOF (-1) #endif +#define INVALPOS (-2) #ifndef NULL # if defined __GNUG__ && \ (__GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 8)) diff --git a/libio/memstream.c b/libio/memstream.c index e20b9c2..f1e8d58 100644 --- a/libio/memstream.c +++ b/libio/memstream.c @@ -112,8 +112,6 @@ _IO_mem_sync (_IO_FILE *fp) _IO_str_overflow (fp, '\0'); --fp->_IO_write_ptr; } - else - *fp->_IO_write_ptr = '\0'; *mp->bufloc = fp->_IO_write_base; *mp->sizeloc = fp->_IO_write_ptr - fp->_IO_write_base; diff --git a/libio/strops.c b/libio/strops.c index 2ba3704..a50ad1b 100644 --- a/libio/strops.c +++ b/libio/strops.c @@ -230,6 +230,21 @@ enlarge_userbuf (_IO_FILE *fp, _IO_off64_t offset, int reading) return 0; } +static void +_IO_str_switch_to_get_mode (_IO_FILE *fp) +{ + if (_IO_in_backup (fp)) + fp->_IO_read_base = fp->_IO_backup_base; + else + { + fp->_IO_read_base = fp->_IO_buf_base; + if (fp->_IO_write_ptr > fp->_IO_read_end) + fp->_IO_read_end = fp->_IO_write_ptr; + } + fp->_IO_read_ptr = fp->_IO_read_end = fp->_IO_write_ptr; + + fp->_flags &= ~_IO_CURRENTLY_PUTTING; +} _IO_off64_t _IO_str_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode) @@ -239,14 +254,14 @@ _IO_str_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode) if (mode == 0 && (fp->_flags & _IO_TIED_PUT_GET)) mode = (fp->_flags & _IO_CURRENTLY_PUTTING ? _IOS_OUTPUT : _IOS_INPUT); + bool was_writing = (fp->_IO_write_ptr > fp->_IO_write_base + || _IO_in_put_mode (fp)); + if (was_writing) + _IO_str_switch_to_get_mode (fp); + if (mode == 0) { - /* Don't move any pointers. But there is no clear indication what - mode FP is in. Let's guess. */ - if (fp->_IO_file_flags & _IO_NO_WRITES) - new_pos = fp->_IO_read_ptr - fp->_IO_read_base; - else - new_pos = fp->_IO_write_ptr - fp->_IO_write_base; + new_pos = fp->_IO_read_ptr - fp->_IO_read_base; } else { @@ -256,48 +271,56 @@ _IO_str_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode) /* Move the get pointer, if requested. */ if (mode & _IOS_INPUT) { + _IO_ssize_t base; switch (dir) { - case _IO_seek_end: - offset += cur_size; + case _IO_seek_set: + base = 0; break; case _IO_seek_cur: - offset += fp->_IO_read_ptr - fp->_IO_read_base; + base = fp->_IO_read_ptr - fp->_IO_read_base; break; - default: /* case _IO_seek_set: */ + default: /* case _IO_seek_end: */ + base = cur_size; break; } - if (offset < 0) + _IO_ssize_t maxval = SSIZE_MAX - base; + if (offset < -base || offset > maxval) + return INVALPOS; + base += offset; + if (base > cur_size + && enlarge_userbuf (fp, base, 1) != 0) return EOF; - if ((_IO_ssize_t) offset > cur_size - && enlarge_userbuf (fp, offset, 1) != 0) - return EOF; - fp->_IO_read_ptr = fp->_IO_read_base + offset; + fp->_IO_read_ptr = fp->_IO_read_base + base; fp->_IO_read_end = fp->_IO_read_base + cur_size; - new_pos = offset; + new_pos = base; } /* Move the put pointer, if requested. */ if (mode & _IOS_OUTPUT) { + _IO_ssize_t base; switch (dir) { - case _IO_seek_end: - offset += cur_size; + case _IO_seek_set: + base = 0; break; case _IO_seek_cur: - offset += fp->_IO_write_ptr - fp->_IO_write_base; + base = fp->_IO_write_ptr - fp->_IO_write_base; break; - default: /* case _IO_seek_set: */ + default: /* case _IO_seek_end: */ + base = cur_size; break; } - if (offset < 0) - return EOF; - if ((_IO_ssize_t) offset > cur_size - && enlarge_userbuf (fp, offset, 0) != 0) + _IO_ssize_t maxval = SSIZE_MAX - base; + if (offset < -base || offset > maxval) + return INVALPOS; + base += offset; + if (base > cur_size + && enlarge_userbuf (fp, base, 0) != 0) return EOF; - fp->_IO_write_ptr = fp->_IO_write_base + offset; - new_pos = offset; + fp->_IO_write_ptr = fp->_IO_write_base + base; + new_pos = base; } } return new_pos; diff --git a/libio/tst-memstream3.c b/libio/tst-memstream3.c new file mode 100644 index 0000000..ce4e60d --- /dev/null +++ b/libio/tst-memstream3.c @@ -0,0 +1,155 @@ +/* Test for open_memstream implementation. + Copyright (C) 2016 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include + + +#ifndef CHAR_T +# define CHAR_T char +# define W(o) o +# define OPEN_MEMSTREAM open_memstream +# define PRINTF printf +# define FWRITE fwrite +# define FPUTC fputc +# define STRCMP strcmp +#endif + +#define S(s) S1 (s) +#define S1(s) #s + +static void +mcheck_abort (enum mcheck_status ev) +{ + printf ("mecheck failed with status %d\n", (int) ev); + exit (1); +} + +#define LOC2(l) "error: " __FILE__ ":" #l +#define LOC1(l) LOC2(l) +#define ERROR_RET1(...) \ + { printf(LOC1(__LINE__) ": " __VA_ARGS__); return 1; } + +static int +do_test_bz18241 (void) +{ + CHAR_T *buf; + size_t size; + + FILE *fp = OPEN_MEMSTREAM (&buf, &size); + if (fp == NULL) + ERROR_RET1 ("%s failed\n", S(OPEN_MEMSTREAM)); + + if (FPUTC (W('a'), fp) != W('a')) + ERROR_RET1 ("%s failed (errno = %d)\n", S(FPUTC), errno); + if (fflush (fp) != 0) + ERROR_RET1 ("fflush failed (errno = %d)\n", errno); + if (fseek (fp, -2, SEEK_SET) != -1) + ERROR_RET1 ("fseek failed (errno = %d)\n", errno); + if (errno != EINVAL) + ERROR_RET1 ("errno != EINVAL\n"); + if (ftell (fp) != 1) + ERROR_RET1 ("ftell failed (errno = %d)\n", errno); + if (ferror (fp) != 0) + ERROR_RET1 ("ferror != 0\n"); + + if (fseek (fp, -1, SEEK_CUR) == -1) + ERROR_RET1 ("fseek failed (errno = %d)\n", errno); + if (ftell (fp) != 0) + ERROR_RET1 ("ftell failed (errno = %d)\n", errno); + if (ferror (fp) != 0) + ERROR_RET1 ("ferror != 0\n"); + if (FPUTC (W('b'), fp) != W('b')) + ERROR_RET1 ("%s failed (errno = %d)\n", S(FPUTC), errno); + if (fflush (fp) != 0) + ERROR_RET1 ("fflush failed (errno = %d)\n", errno); + + if (fclose (fp) != 0) + ERROR_RET1 ("fclose failed (errno = %d\n", errno); + + if (STRCMP (buf, W("b")) != 0) + ERROR_RET1 ("%s failed\n", S(STRCMP)); + + free (buf); + + return 0; +} + +static int +do_test_bz20181 (void) +{ + CHAR_T *buf; + size_t size; + size_t ret; + + FILE *fp = OPEN_MEMSTREAM (&buf, &size); + if (fp == NULL) + ERROR_RET1 ("%s failed\n", S(OPEN_MEMSTREAM)); + + if ((ret = FWRITE (W("abc"), 1, 3, fp)) != 3) + ERROR_RET1 ("%s failed (errno = %d)\n", S(FWRITE), errno); + + if (fseek (fp, 0, SEEK_SET) != 0) + ERROR_RET1 ("fseek failed (errno = %d)\n", errno); + + if (FWRITE (W("z"), 1, 1, fp) != 1) + ERROR_RET1 ("%s failed (errno = %d)\n", S(FWRITE), errno); + + if (fflush (fp) != 0) + ERROR_RET1 ("fflush failed (errno = %d)\n", errno); + + /* Avoid truncating the buffer on close. */ + if (fseek (fp, 3, SEEK_SET) != 0) + ERROR_RET1 ("fseek failed (errno = %d)\n", errno); + + if (fclose (fp) != 0) + ERROR_RET1 ("fclose failed (errno = %d\n", errno); + + if (size != 3) + ERROR_RET1 ("size != 3\n"); + + if (buf[0] != W('z') + || buf[1] != W('b') + || buf[2] != W('c')) + { + PRINTF (W("error: buf {%c,%c,%c} != {z,b,c}\n"), + buf[0], buf[1], buf[2]); + return 1; + } + + free (buf); + + return 0; +} + +static int +do_test (void) +{ + int ret = 0; + + mcheck_pedantic (mcheck_abort); + + ret += do_test_bz18241 (); + ret += do_test_bz20181 (); + + return ret; +} + +#define TEST_FUNCTION do_test () +#include "../test-skeleton.c" diff --git a/libio/tst-wmemstream3.c b/libio/tst-wmemstream3.c new file mode 100644 index 0000000..190283a --- /dev/null +++ b/libio/tst-wmemstream3.c @@ -0,0 +1,44 @@ +/* Test for open_memstream implementation. + Copyright (C) 2016 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +/* Straighforward implementation so tst-memstream3 could use check + fwrite on open_memstream. */ +static size_t +fwwrite (const void *ptr, size_t size, size_t nmemb, FILE *arq) +{ + const wchar_t *wcs = (const wchar_t*) (ptr); + for (size_t s = 0; s < size; s++) + { + for (size_t n = 0; n < nmemb; n++) + if (fputwc (wcs[n], arq) == WEOF) + return n; + } + return size * nmemb; +} + +#define CHAR_T wchar_t +#define W(o) L##o +#define OPEN_MEMSTREAM open_wmemstream +#define PRINTF wprintf +#define FWRITE fwwrite +#define FPUTC fputwc +#define STRCMP wcscmp + +#include "tst-memstream3.c" diff --git a/libio/wmemstream.c b/libio/wmemstream.c index bf2a50b..fd01be0 100644 --- a/libio/wmemstream.c +++ b/libio/wmemstream.c @@ -112,8 +112,6 @@ _IO_wmem_sync (_IO_FILE *fp) _IO_wstr_overflow (fp, '\0'); --fp->_wide_data->_IO_write_ptr; } - else - *fp->_wide_data->_IO_write_ptr = '\0'; *mp->bufloc = fp->_wide_data->_IO_write_base; *mp->sizeloc = (fp->_wide_data->_IO_write_ptr diff --git a/libio/wstrops.c b/libio/wstrops.c index 09fa543..58b7a22 100644 --- a/libio/wstrops.c +++ b/libio/wstrops.c @@ -169,7 +169,7 @@ _IO_wstr_count (_IO_FILE *fp) static int enlarge_userbuf (_IO_FILE *fp, _IO_off64_t offset, int reading) { - if ((_IO_ssize_t) offset <= _IO_blen (fp)) + if ((_IO_ssize_t) offset <= _IO_wblen (fp)) return 0; struct _IO_wide_data *wd = fp->_wide_data; @@ -235,6 +235,22 @@ enlarge_userbuf (_IO_FILE *fp, _IO_off64_t offset, int reading) return 0; } +static void +_IO_wstr_switch_to_get_mode (_IO_FILE *fp) +{ + if (_IO_in_backup (fp)) + fp->_wide_data->_IO_read_base = fp->_wide_data->_IO_backup_base; + else + { + fp->_wide_data->_IO_read_base = fp->_wide_data->_IO_buf_base; + if (fp->_wide_data->_IO_write_ptr > fp->_wide_data->_IO_read_end) + fp->_wide_data->_IO_read_end = fp->_wide_data->_IO_write_ptr; + } + fp->_wide_data->_IO_read_ptr = fp->_wide_data->_IO_write_ptr; + fp->_wide_data->_IO_read_end = fp->_wide_data->_IO_write_ptr; + + fp->_flags &= ~_IO_CURRENTLY_PUTTING; +} _IO_off64_t _IO_wstr_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode) @@ -244,15 +260,16 @@ _IO_wstr_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode) if (mode == 0 && (fp->_flags & _IO_TIED_PUT_GET)) mode = (fp->_flags & _IO_CURRENTLY_PUTTING ? _IOS_OUTPUT : _IOS_INPUT); + bool was_writing = (fp->_wide_data->_IO_write_ptr > + fp->_wide_data->_IO_write_base + || _IO_in_put_mode (fp)); + if (was_writing) + _IO_wstr_switch_to_get_mode (fp); + if (mode == 0) { - /* Don't move any pointers. But there is no clear indication what - mode FP is in. Let's guess. */ - if (fp->_IO_file_flags & _IO_NO_WRITES) - new_pos = fp->_wide_data->_IO_read_ptr - fp->_wide_data->_IO_read_base; - else - new_pos = (fp->_wide_data->_IO_write_ptr - - fp->_wide_data->_IO_write_base); + new_pos = (fp->_wide_data->_IO_write_ptr + - fp->_wide_data->_IO_write_base); } else { @@ -262,25 +279,29 @@ _IO_wstr_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode) /* Move the get pointer, if requested. */ if (mode & _IOS_INPUT) { + _IO_ssize_t base; switch (dir) { - case _IO_seek_end: - offset += cur_size; + case _IO_seek_set: + base = 0; break; case _IO_seek_cur: - offset += (fp->_wide_data->_IO_read_ptr + base = (fp->_wide_data->_IO_read_ptr - fp->_wide_data->_IO_read_base); break; - default: /* case _IO_seek_set: */ + default: /* case _IO_seek_end: */ + base = cur_size; break; } - if (offset < 0) - return EOF; - if ((_IO_ssize_t) offset > cur_size - && enlarge_userbuf (fp, offset, 1) != 0) + _IO_ssize_t maxval = SSIZE_MAX/sizeof(wchar_t) - base; + if (offset < -base || offset > maxval) + return INVALPOS; + base += offset; + if (base > cur_size + && enlarge_userbuf (fp, base, 1) != 0) return EOF; fp->_wide_data->_IO_read_ptr = (fp->_wide_data->_IO_read_base - + offset); + + base); fp->_wide_data->_IO_read_end = (fp->_wide_data->_IO_read_base + cur_size); new_pos = offset; @@ -289,26 +310,30 @@ _IO_wstr_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode) /* Move the put pointer, if requested. */ if (mode & _IOS_OUTPUT) { + _IO_ssize_t base; switch (dir) { - case _IO_seek_end: - offset += cur_size; + case _IO_seek_set: + base = 0; break; case _IO_seek_cur: - offset += (fp->_wide_data->_IO_write_ptr + base = (fp->_wide_data->_IO_write_ptr - fp->_wide_data->_IO_write_base); break; - default: /* case _IO_seek_set: */ + default: /* case _IO_seek_end: */ + base = cur_size; break; } - if (offset < 0) - return EOF; - if ((_IO_ssize_t) offset > cur_size - && enlarge_userbuf (fp, offset, 0) != 0) + _IO_ssize_t maxval = SSIZE_MAX/sizeof(wchar_t) - base; + if (offset < -base || offset > maxval) + return INVALPOS; + base += offset; + if (base > cur_size + && enlarge_userbuf (fp, base, 0) != 0) return EOF; fp->_wide_data->_IO_write_ptr = (fp->_wide_data->_IO_write_base - + offset); - new_pos = offset; + + base); + new_pos = base; } } return new_pos; diff --git a/manual/examples/memstrm.c b/manual/examples/memstrm.c index 0d443b1..5701ba1 100644 --- a/manual/examples/memstrm.c +++ b/manual/examples/memstrm.c @@ -27,10 +27,10 @@ main (void) stream = open_memstream (&bp, &size); fprintf (stream, "hello"); fflush (stream); - printf ("buf = `%s', size = %d\n", bp, size); + printf ("buf = `%s', size = %zu\n", bp, size); fprintf (stream, ", world"); fclose (stream); - printf ("buf = `%s', size = %d\n", bp, size); + printf ("buf = `%s', size = %zu\n", bp, size); return 0; }