1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
From 6d1a3dfeaf2caac4033a3c65822fb4e7e14866c7 Mon Sep 17 00:00:00 2001
From: Rich Felker <dalias@aerifal.cx>
Date: Mon, 28 Mar 2016 23:41:17 -0400
Subject: [PATCH] fix undefined pointer comparison in stdio-internal __toread
the comparison f->wpos > f->buf has undefined behavior when f->wpos is
a null pointer, despite the intuition (and actual compiler behavior,
for all known compilers) being that NULL > ptr is false for all valid
pointers ptr.
the purpose of the comparison is to determine if the write buffer is
non-empty, and the idiom used elsewhere for that is comparison against
f->wbase, which is either a null pointer when not writing, or equal to
f->buf when writing. in the former case, both f->wpos and f->wbase are
null; in the latter they are both non-null and point into the same
array.
---
src/stdio/__toread.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/stdio/__toread.c b/src/stdio/__toread.c
index b08f5bb..35f67b8 100644
--- a/src/stdio/__toread.c
+++ b/src/stdio/__toread.c
@@ -3,7 +3,7 @@
int __toread(FILE *f)
{
f->mode |= f->mode-1;
- if (f->wpos > f->buf) f->write(f, 0, 0);
+ if (f->wpos > f->wbase) f->write(f, 0, 0);
f->wpos = f->wbase = f->wend = 0;
if (f->flags & F_NORD) {
f->flags |= F_ERR;
--
2.7.4
|
