You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nuttx.apache.org by gn...@apache.org on 2020/05/04 14:37:29 UTC
[incubator-nuttx] branch master updated: x86_64: Make sure to clone
ap list in vasprintf
This is an automated email from the ASF dual-hosted git repository.
gnutt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx.git
The following commit(s) were added to refs/heads/master by this push:
new 8110ea6 x86_64: Make sure to clone ap list in vasprintf
8110ea6 is described below
commit 8110ea6a7a85efa8658f0ed73aa443c3421b1a25
Author: Brennan Ashton <ba...@brennanashton.com>
AuthorDate: Sat May 2 22:35:08 2020 -0700
x86_64: Make sure to clone ap list in vasprintf
VA_LIST is getting clobbered because it is a pointer to a structure
on the stack and we must traverse it twice. Clone it like we do
for x86_32
---
libs/libc/stdio/lib_vasprintf.c | 59 +++++++++++++++++++++--------------------
1 file changed, 30 insertions(+), 29 deletions(-)
diff --git a/libs/libc/stdio/lib_vasprintf.c b/libs/libc/stdio/lib_vasprintf.c
index 8c11621..0676bb5 100644
--- a/libs/libc/stdio/lib_vasprintf.c
+++ b/libs/libc/stdio/lib_vasprintf.c
@@ -47,24 +47,6 @@
/****************************************************************************
* Pre-processor Definitions
****************************************************************************/
-/* On some architectures, va_list is really a pointer to a structure on the
- * stack. And the va_arg builtin will modify that instance of va_list. Since
- * vasprintf traverse the parameters in the va_list twice, the va_list will
- * be altered in this first cases and the second usage will fail. So far, I
- * have seen this only on the X86 family with GCC.
- */
-
-#undef CLONE_APLIST
-#define ap1 ap
-#define ap2 ap
-
-#if defined(CONFIG_ARCH_X86)
-# define CLONE_APLIST 1
-# undef ap2
-#elif defined(CONFIG_ARCH_SIM) && (defined(CONFIG_HOST_X86) || defined(CONFIG_HOST_X86_64))
-# define CLONE_APLIST 1
-# undef ap2
-#endif
/****************************************************************************
* Public Functions
@@ -83,8 +65,8 @@
*
* Returned Value:
* The returned value is the number of characters allocated for the buffer,
- * or less than zero if an error occurred. Usually this means that the buffer
- * could not be allocated.
+ * or less than zero if an error occurred. Usually this means that the
+ * buffer could not be allocated.
*
****************************************************************************/
@@ -92,7 +74,15 @@ int vasprintf(FAR char **ptr, FAR const IPTR char *fmt, va_list ap)
{
struct lib_outstream_s nulloutstream;
struct lib_memoutstream_s memoutstream;
-#ifdef CLONE_APLIST
+
+ /* On some architectures, va_list is really a pointer to a structure on
+ * the stack. And the va_arg builtin will modify that instance of va_list.
+ * Since vasprintf traverse the parameters in the va_list twice, the
+ * va_list will be altered in this first cases and the second usage will
+ * fail. This is a known issue with x86_64.
+ */
+
+#ifdef va_copy
va_list ap2;
#endif
FAR char *buf;
@@ -100,9 +90,7 @@ int vasprintf(FAR char **ptr, FAR const IPTR char *fmt, va_list ap)
DEBUGASSERT(ptr && fmt);
-#ifdef CLONE_APLIST
- /* Clone the va_list so that the contents of the input values are not altered */
-
+#ifdef va_copy
va_copy(ap2, ap);
#endif
@@ -111,7 +99,7 @@ int vasprintf(FAR char **ptr, FAR const IPTR char *fmt, va_list ap)
*/
lib_nulloutstream(&nulloutstream);
- lib_vsprintf((FAR struct lib_outstream_s *)&nulloutstream, fmt, ap1);
+ lib_vsprintf((FAR struct lib_outstream_s *)&nulloutstream, fmt, ap);
/* Then allocate a buffer to hold that number of characters, adding one
* for the null terminator.
@@ -120,6 +108,10 @@ int vasprintf(FAR char **ptr, FAR const IPTR char *fmt, va_list ap)
buf = (FAR char *)malloc(nulloutstream.nput + 1);
if (!buf)
{
+ va_end(ap);
+#ifdef va_copy
+ va_end(ap2);
+#endif
return ERROR;
}
@@ -134,14 +126,23 @@ int vasprintf(FAR char **ptr, FAR const IPTR char *fmt, va_list ap)
/* Then let lib_vsprintf do it's real thing */
nbytes = lib_vsprintf((FAR struct lib_outstream_s *)&memoutstream.public,
+#ifdef va_copy
fmt, ap2);
+#else
+ fmt, ap);
+#endif
+
+#ifdef va_copy
+ va_end(ap2);
+#endif
+ va_end(ap);
/* Return a pointer to the string to the caller. NOTE: the memstream put()
- * method has already added the NUL terminator to the end of the string (not
- * included in the nput count).
+ * method has already added the NUL terminator to the end of the string
+ * (not included in the nput count).
*
- * Hmmm.. looks like the memory would be stranded if lib_vsprintf() returned
- * an error. Does that ever happen?
+ * Hmmm.. looks like the memory would be stranded if lib_vsprintf()
+ * returned an error. Does that ever happen?
*/
DEBUGASSERT(nbytes < 0 || nbytes == nulloutstream.nput);