You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@stdcxx.apache.org by se...@apache.org on 2005/12/02 00:19:49 UTC
svn commit: r351515 - /incubator/stdcxx/trunk/tests/src/printf.cpp
Author: sebor
Date: Thu Dec 1 15:19:44 2005
New Revision: 351515
URL: http://svn.apache.org/viewcvs?rev=351515&view=rev
Log:
2005-12-01 Martin Sebor <se...@roguewave.com>
* printf.cpp (_rw_bufcat): Increased the size of the buffer and added
a trailing guard to detect writes past the end (and other types of
memory corruption).
(_rw_vfprintf): Avoided using a statically allocated buffer (might
be freed by _rw_bufcat).
Modified:
incubator/stdcxx/trunk/tests/src/printf.cpp
Modified: incubator/stdcxx/trunk/tests/src/printf.cpp
URL: http://svn.apache.org/viewcvs/incubator/stdcxx/trunk/tests/src/printf.cpp?rev=351515&r1=351514&r2=351515&view=diff
==============================================================================
--- incubator/stdcxx/trunk/tests/src/printf.cpp (original)
+++ incubator/stdcxx/trunk/tests/src/printf.cpp Thu Dec 1 15:19:44 2005
@@ -460,10 +460,13 @@
if (bufree <= len || !*pbuf) {
- size_t newbufsize = *pbufsize * 2;
+ // for guard block
+ static const char deadbeef[] = "\xde\xad\xbe\xef";
- if (newbufsize <= buflen + len)
- newbufsize = 2 * (buflen + len + 1);
+ size_t newbufsize = *pbufsize * 2 + 4;
+
+ if (newbufsize <= buflen + len + 4)
+ newbufsize = 2 * (buflen + len + 1) + 4;
char* const newbuf = (char*)malloc (newbufsize);
@@ -472,10 +475,18 @@
return 0;
memcpy (newbuf, *pbuf, buflen);
- free (*pbuf);
+
+ // append a guard block to the end of the buffer
+ memcpy (newbuf + newbufsize - 4, deadbeef, 4);
+
+ if (*pbuf) {
+ // verify that we didn't write past the end of the buffer
+ assert (0 == memcmp (*pbuf + *pbufsize, deadbeef, 4));
+ free (*pbuf);
+ }
*pbuf = newbuf;
- *pbufsize = newbufsize;
+ *pbufsize = newbufsize - 4;
(*pbuf)[buflen] = '\0';
}
@@ -3314,10 +3325,8 @@
{
assert (0 != file);
- char buffer [256];
-
- char* buf = buffer;
- size_t bufsize = sizeof buffer;
+ char* buf = 0;
+ size_t bufsize = 0;
const int nchars = rw_vasnprintf (&buf, &bufsize, fmt, va);
@@ -3345,8 +3354,7 @@
#endif // _MSC_VER
- if (buf != buffer)
- free (buf);
+ free (buf);
return nwrote;
}