@@ -56,8 +56,8 @@ tests = tst_swprintf tst_wprintf tst_swscanf tst_wscanf tst_getwc tst_putwc \
tst-mmap-eofsync tst-mmap-fflushsync bug-mmap-fflush \
tst-mmap2-eofsync tst-mmap-offend bug-fopena+ bug-wfflush \
bug-ungetc2 bug-ftell bug-ungetc3 bug-ungetc4 tst-fopenloc2 \
- tst-memstream1 tst-memstream2 \
- tst-wmemstream1 tst-wmemstream2 \
+ tst-memstream1 tst-memstream2 tst-memstream3 \
+ tst-wmemstream1 tst-wmemstream2 tst-wmemstream3 \
bug-memstream1 bug-wmemstream1 \
tst-setvbuf1 tst-popen1 tst-fgetwc bug-wsetpos tst-fseek \
tst-fwrite-error tst-ftell-partial-wide tst-ftell-active-handler \
@@ -62,7 +62,13 @@ _IO_seekoff_unlocked (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode)
_IO_free_wbackup_area (fp);
}
- return _IO_SEEKOFF (fp, offset, dir, mode);
+ _IO_off64_t result = _IO_SEEKOFF (fp, offset, dir, mode);
+ if (result == INVALPOS)
+ {
+ __set_errno (EINVAL);
+ return EOF;
+ }
+ return result;
}
@@ -717,6 +717,7 @@ extern _IO_off64_t _IO_seekpos_unlocked (_IO_FILE *, _IO_off64_t, int)
#ifndef EOF
# define EOF (-1)
#endif
+#define INVALPOS (-2)
#ifndef NULL
# if defined __GNUG__ && \
(__GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 8))
@@ -112,8 +112,6 @@ _IO_mem_sync (_IO_FILE *fp)
_IO_str_overflow (fp, '\0');
--fp->_IO_write_ptr;
}
- else
- *fp->_IO_write_ptr = '\0';
*mp->bufloc = fp->_IO_write_base;
*mp->sizeloc = fp->_IO_write_ptr - fp->_IO_write_base;
@@ -230,6 +230,21 @@ enlarge_userbuf (_IO_FILE *fp, _IO_off64_t offset, int reading)
return 0;
}
+static void
+_IO_str_switch_to_get_mode (_IO_FILE *fp)
+{
+ if (_IO_in_backup (fp))
+ fp->_IO_read_base = fp->_IO_backup_base;
+ else
+ {
+ fp->_IO_read_base = fp->_IO_buf_base;
+ if (fp->_IO_write_ptr > fp->_IO_read_end)
+ fp->_IO_read_end = fp->_IO_write_ptr;
+ }
+ fp->_IO_read_ptr = fp->_IO_read_end = fp->_IO_write_ptr;
+
+ fp->_flags &= ~_IO_CURRENTLY_PUTTING;
+}
_IO_off64_t
_IO_str_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode)
@@ -239,14 +254,14 @@ _IO_str_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode)
if (mode == 0 && (fp->_flags & _IO_TIED_PUT_GET))
mode = (fp->_flags & _IO_CURRENTLY_PUTTING ? _IOS_OUTPUT : _IOS_INPUT);
+ bool was_writing = (fp->_IO_write_ptr > fp->_IO_write_base
+ || _IO_in_put_mode (fp));
+ if (was_writing)
+ _IO_str_switch_to_get_mode (fp);
+
if (mode == 0)
{
- /* Don't move any pointers. But there is no clear indication what
- mode FP is in. Let's guess. */
- if (fp->_IO_file_flags & _IO_NO_WRITES)
- new_pos = fp->_IO_read_ptr - fp->_IO_read_base;
- else
- new_pos = fp->_IO_write_ptr - fp->_IO_write_base;
+ new_pos = fp->_IO_read_ptr - fp->_IO_read_base;
}
else
{
@@ -256,48 +271,56 @@ _IO_str_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode)
/* Move the get pointer, if requested. */
if (mode & _IOS_INPUT)
{
+ _IO_ssize_t base;
switch (dir)
{
- case _IO_seek_end:
- offset += cur_size;
+ case _IO_seek_set:
+ base = 0;
break;
case _IO_seek_cur:
- offset += fp->_IO_read_ptr - fp->_IO_read_base;
+ base = fp->_IO_read_ptr - fp->_IO_read_base;
break;
- default: /* case _IO_seek_set: */
+ default: /* case _IO_seek_end: */
+ base = cur_size;
break;
}
- if (offset < 0)
+ _IO_ssize_t maxval = SSIZE_MAX - base;
+ if (offset < -base || offset > maxval)
+ return INVALPOS;
+ base += offset;
+ if (base > cur_size
+ && enlarge_userbuf (fp, base, 1) != 0)
return EOF;
- if ((_IO_ssize_t) offset > cur_size
- && enlarge_userbuf (fp, offset, 1) != 0)
- return EOF;
- fp->_IO_read_ptr = fp->_IO_read_base + offset;
+ fp->_IO_read_ptr = fp->_IO_read_base + base;
fp->_IO_read_end = fp->_IO_read_base + cur_size;
- new_pos = offset;
+ new_pos = base;
}
/* Move the put pointer, if requested. */
if (mode & _IOS_OUTPUT)
{
+ _IO_ssize_t base;
switch (dir)
{
- case _IO_seek_end:
- offset += cur_size;
+ case _IO_seek_set:
+ base = 0;
break;
case _IO_seek_cur:
- offset += fp->_IO_write_ptr - fp->_IO_write_base;
+ base = fp->_IO_write_ptr - fp->_IO_write_base;
break;
- default: /* case _IO_seek_set: */
+ default: /* case _IO_seek_end: */
+ base = cur_size;
break;
}
- if (offset < 0)
- return EOF;
- if ((_IO_ssize_t) offset > cur_size
- && enlarge_userbuf (fp, offset, 0) != 0)
+ _IO_ssize_t maxval = SSIZE_MAX - base;
+ if (offset < -base || offset > maxval)
+ return INVALPOS;
+ base += offset;
+ if (base > cur_size
+ && enlarge_userbuf (fp, base, 0) != 0)
return EOF;
- fp->_IO_write_ptr = fp->_IO_write_base + offset;
- new_pos = offset;
+ fp->_IO_write_ptr = fp->_IO_write_base + base;
+ new_pos = base;
}
}
return new_pos;
new file mode 100644
@@ -0,0 +1,155 @@
+/* Test for open_memstream implementation.
+ Copyright (C) 2016 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <mcheck.h>
+#include <stdio.h>
+#include <errno.h>
+
+
+#ifndef CHAR_T
+# define CHAR_T char
+# define W(o) o
+# define OPEN_MEMSTREAM open_memstream
+# define PRINTF printf
+# define FWRITE fwrite
+# define FPUTC fputc
+# define STRCMP strcmp
+#endif
+
+#define S(s) S1 (s)
+#define S1(s) #s
+
+static void
+mcheck_abort (enum mcheck_status ev)
+{
+ printf ("mecheck failed with status %d\n", (int) ev);
+ exit (1);
+}
+
+#define LOC2(l) "error: " __FILE__ ":" #l
+#define LOC1(l) LOC2(l)
+#define ERROR_RET1(...) \
+ { printf(LOC1(__LINE__) ": " __VA_ARGS__); return 1; }
+
+static int
+do_test_bz18241 (void)
+{
+ CHAR_T *buf;
+ size_t size;
+
+ FILE *fp = OPEN_MEMSTREAM (&buf, &size);
+ if (fp == NULL)
+ ERROR_RET1 ("%s failed\n", S(OPEN_MEMSTREAM));
+
+ if (FPUTC (W('a'), fp) != W('a'))
+ ERROR_RET1 ("%s failed (errno = %d)\n", S(FPUTC), errno);
+ if (fflush (fp) != 0)
+ ERROR_RET1 ("fflush failed (errno = %d)\n", errno);
+ if (fseek (fp, -2, SEEK_SET) != -1)
+ ERROR_RET1 ("fseek failed (errno = %d)\n", errno);
+ if (errno != EINVAL)
+ ERROR_RET1 ("errno != EINVAL\n");
+ if (ftell (fp) != 1)
+ ERROR_RET1 ("ftell failed (errno = %d)\n", errno);
+ if (ferror (fp) != 0)
+ ERROR_RET1 ("ferror != 0\n");
+
+ if (fseek (fp, -1, SEEK_CUR) == -1)
+ ERROR_RET1 ("fseek failed (errno = %d)\n", errno);
+ if (ftell (fp) != 0)
+ ERROR_RET1 ("ftell failed (errno = %d)\n", errno);
+ if (ferror (fp) != 0)
+ ERROR_RET1 ("ferror != 0\n");
+ if (FPUTC (W('b'), fp) != W('b'))
+ ERROR_RET1 ("%s failed (errno = %d)\n", S(FPUTC), errno);
+ if (fflush (fp) != 0)
+ ERROR_RET1 ("fflush failed (errno = %d)\n", errno);
+
+ if (fclose (fp) != 0)
+ ERROR_RET1 ("fclose failed (errno = %d\n", errno);
+
+ if (STRCMP (buf, W("b")) != 0)
+ ERROR_RET1 ("%s failed\n", S(STRCMP));
+
+ free (buf);
+
+ return 0;
+}
+
+static int
+do_test_bz20181 (void)
+{
+ CHAR_T *buf;
+ size_t size;
+ size_t ret;
+
+ FILE *fp = OPEN_MEMSTREAM (&buf, &size);
+ if (fp == NULL)
+ ERROR_RET1 ("%s failed\n", S(OPEN_MEMSTREAM));
+
+ if ((ret = FWRITE (W("abc"), 1, 3, fp)) != 3)
+ ERROR_RET1 ("%s failed (errno = %d)\n", S(FWRITE), errno);
+
+ if (fseek (fp, 0, SEEK_SET) != 0)
+ ERROR_RET1 ("fseek failed (errno = %d)\n", errno);
+
+ if (FWRITE (W("z"), 1, 1, fp) != 1)
+ ERROR_RET1 ("%s failed (errno = %d)\n", S(FWRITE), errno);
+
+ if (fflush (fp) != 0)
+ ERROR_RET1 ("fflush failed (errno = %d)\n", errno);
+
+ /* Avoid truncating the buffer on close. */
+ if (fseek (fp, 3, SEEK_SET) != 0)
+ ERROR_RET1 ("fseek failed (errno = %d)\n", errno);
+
+ if (fclose (fp) != 0)
+ ERROR_RET1 ("fclose failed (errno = %d\n", errno);
+
+ if (size != 3)
+ ERROR_RET1 ("size != 3\n");
+
+ if (buf[0] != W('z')
+ || buf[1] != W('b')
+ || buf[2] != W('c'))
+ {
+ PRINTF (W("error: buf {%c,%c,%c} != {z,b,c}\n"),
+ buf[0], buf[1], buf[2]);
+ return 1;
+ }
+
+ free (buf);
+
+ return 0;
+}
+
+static int
+do_test (void)
+{
+ int ret = 0;
+
+ mcheck_pedantic (mcheck_abort);
+
+ ret += do_test_bz18241 ();
+ ret += do_test_bz20181 ();
+
+ return ret;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
new file mode 100644
@@ -0,0 +1,44 @@
+/* Test for open_memstream implementation.
+ Copyright (C) 2016 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <wchar.h>
+
+/* Straighforward implementation so tst-memstream3 could use check
+ fwrite on open_memstream. */
+static size_t
+fwwrite (const void *ptr, size_t size, size_t nmemb, FILE *arq)
+{
+ const wchar_t *wcs = (const wchar_t*) (ptr);
+ for (size_t s = 0; s < size; s++)
+ {
+ for (size_t n = 0; n < nmemb; n++)
+ if (fputwc (wcs[n], arq) == WEOF)
+ return n;
+ }
+ return size * nmemb;
+}
+
+#define CHAR_T wchar_t
+#define W(o) L##o
+#define OPEN_MEMSTREAM open_wmemstream
+#define PRINTF wprintf
+#define FWRITE fwwrite
+#define FPUTC fputwc
+#define STRCMP wcscmp
+
+#include "tst-memstream3.c"
@@ -112,8 +112,6 @@ _IO_wmem_sync (_IO_FILE *fp)
_IO_wstr_overflow (fp, '\0');
--fp->_wide_data->_IO_write_ptr;
}
- else
- *fp->_wide_data->_IO_write_ptr = '\0';
*mp->bufloc = fp->_wide_data->_IO_write_base;
*mp->sizeloc = (fp->_wide_data->_IO_write_ptr
@@ -169,7 +169,7 @@ _IO_wstr_count (_IO_FILE *fp)
static int
enlarge_userbuf (_IO_FILE *fp, _IO_off64_t offset, int reading)
{
- if ((_IO_ssize_t) offset <= _IO_blen (fp))
+ if ((_IO_ssize_t) offset <= _IO_wblen (fp))
return 0;
struct _IO_wide_data *wd = fp->_wide_data;
@@ -235,6 +235,22 @@ enlarge_userbuf (_IO_FILE *fp, _IO_off64_t offset, int reading)
return 0;
}
+static void
+_IO_wstr_switch_to_get_mode (_IO_FILE *fp)
+{
+ if (_IO_in_backup (fp))
+ fp->_wide_data->_IO_read_base = fp->_wide_data->_IO_backup_base;
+ else
+ {
+ fp->_wide_data->_IO_read_base = fp->_wide_data->_IO_buf_base;
+ if (fp->_wide_data->_IO_write_ptr > fp->_wide_data->_IO_read_end)
+ fp->_wide_data->_IO_read_end = fp->_wide_data->_IO_write_ptr;
+ }
+ fp->_wide_data->_IO_read_ptr = fp->_wide_data->_IO_write_ptr;
+ fp->_wide_data->_IO_read_end = fp->_wide_data->_IO_write_ptr;
+
+ fp->_flags &= ~_IO_CURRENTLY_PUTTING;
+}
_IO_off64_t
_IO_wstr_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode)
@@ -244,15 +260,16 @@ _IO_wstr_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode)
if (mode == 0 && (fp->_flags & _IO_TIED_PUT_GET))
mode = (fp->_flags & _IO_CURRENTLY_PUTTING ? _IOS_OUTPUT : _IOS_INPUT);
+ bool was_writing = (fp->_wide_data->_IO_write_ptr >
+ fp->_wide_data->_IO_write_base
+ || _IO_in_put_mode (fp));
+ if (was_writing)
+ _IO_wstr_switch_to_get_mode (fp);
+
if (mode == 0)
{
- /* Don't move any pointers. But there is no clear indication what
- mode FP is in. Let's guess. */
- if (fp->_IO_file_flags & _IO_NO_WRITES)
- new_pos = fp->_wide_data->_IO_read_ptr - fp->_wide_data->_IO_read_base;
- else
- new_pos = (fp->_wide_data->_IO_write_ptr
- - fp->_wide_data->_IO_write_base);
+ new_pos = (fp->_wide_data->_IO_write_ptr
+ - fp->_wide_data->_IO_write_base);
}
else
{
@@ -262,25 +279,29 @@ _IO_wstr_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode)
/* Move the get pointer, if requested. */
if (mode & _IOS_INPUT)
{
+ _IO_ssize_t base;
switch (dir)
{
- case _IO_seek_end:
- offset += cur_size;
+ case _IO_seek_set:
+ base = 0;
break;
case _IO_seek_cur:
- offset += (fp->_wide_data->_IO_read_ptr
+ base = (fp->_wide_data->_IO_read_ptr
- fp->_wide_data->_IO_read_base);
break;
- default: /* case _IO_seek_set: */
+ default: /* case _IO_seek_end: */
+ base = cur_size;
break;
}
- if (offset < 0)
- return EOF;
- if ((_IO_ssize_t) offset > cur_size
- && enlarge_userbuf (fp, offset, 1) != 0)
+ _IO_ssize_t maxval = SSIZE_MAX/sizeof(wchar_t) - base;
+ if (offset < -base || offset > maxval)
+ return INVALPOS;
+ base += offset;
+ if (base > cur_size
+ && enlarge_userbuf (fp, base, 1) != 0)
return EOF;
fp->_wide_data->_IO_read_ptr = (fp->_wide_data->_IO_read_base
- + offset);
+ + base);
fp->_wide_data->_IO_read_end = (fp->_wide_data->_IO_read_base
+ cur_size);
new_pos = offset;
@@ -289,26 +310,30 @@ _IO_wstr_seekoff (_IO_FILE *fp, _IO_off64_t offset, int dir, int mode)
/* Move the put pointer, if requested. */
if (mode & _IOS_OUTPUT)
{
+ _IO_ssize_t base;
switch (dir)
{
- case _IO_seek_end:
- offset += cur_size;
+ case _IO_seek_set:
+ base = 0;
break;
case _IO_seek_cur:
- offset += (fp->_wide_data->_IO_write_ptr
+ base = (fp->_wide_data->_IO_write_ptr
- fp->_wide_data->_IO_write_base);
break;
- default: /* case _IO_seek_set: */
+ default: /* case _IO_seek_end: */
+ base = cur_size;
break;
}
- if (offset < 0)
- return EOF;
- if ((_IO_ssize_t) offset > cur_size
- && enlarge_userbuf (fp, offset, 0) != 0)
+ _IO_ssize_t maxval = SSIZE_MAX/sizeof(wchar_t) - base;
+ if (offset < -base || offset > maxval)
+ return INVALPOS;
+ base += offset;
+ if (base > cur_size
+ && enlarge_userbuf (fp, base, 0) != 0)
return EOF;
fp->_wide_data->_IO_write_ptr = (fp->_wide_data->_IO_write_base
- + offset);
- new_pos = offset;
+ + base);
+ new_pos = base;
}
}
return new_pos;
@@ -27,10 +27,10 @@ main (void)
stream = open_memstream (&bp, &size);
fprintf (stream, "hello");
fflush (stream);
- printf ("buf = `%s', size = %d\n", bp, size);
+ printf ("buf = `%s', size = %zu\n", bp, size);
fprintf (stream, ", world");
fclose (stream);
- printf ("buf = `%s', size = %d\n", bp, size);
+ printf ("buf = `%s', size = %zu\n", bp, size);
return 0;
}