|
 |
b9ba6d |
diff -rup a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c
|
|
|
b9ba6d |
--- a/stdio-common/vfprintf.c 2012-03-05 09:43:14.705536167 -0700
|
|
|
b9ba6d |
+++ b/stdio-common/vfprintf.c 2012-03-05 09:48:11.602890982 -0700
|
|
|
b9ba6d |
@@ -822,7 +822,7 @@ vfprintf (FILE *s, const CHAR_T *format,
|
|
|
b9ba6d |
\
|
|
|
b9ba6d |
if (function_done < 0) \
|
|
|
b9ba6d |
{ \
|
|
|
b9ba6d |
- /* Error in print handler. */ \
|
|
|
b9ba6d |
+ /* Error in print handler; up to handler to set errno. */ \
|
|
|
b9ba6d |
done = -1; \
|
|
|
b9ba6d |
goto all_done; \
|
|
|
b9ba6d |
} \
|
|
|
b9ba6d |
@@ -876,7 +876,7 @@ vfprintf (FILE *s, const CHAR_T *format,
|
|
|
b9ba6d |
\
|
|
|
b9ba6d |
if (function_done < 0) \
|
|
|
b9ba6d |
{ \
|
|
|
b9ba6d |
- /* Error in print handler. */ \
|
|
|
b9ba6d |
+ /* Error in print handler; up to handler to set errno. */ \
|
|
|
b9ba6d |
done = -1; \
|
|
|
b9ba6d |
goto all_done; \
|
|
|
b9ba6d |
} \
|
|
|
b9ba6d |
@@ -1117,7 +1117,7 @@ vfprintf (FILE *s, const CHAR_T *format,
|
|
|
b9ba6d |
&mbstate); \
|
|
|
b9ba6d |
if (len == (size_t) -1) \
|
|
|
b9ba6d |
{ \
|
|
|
b9ba6d |
- /* Something went wron gduring the conversion. Bail out. */ \
|
|
|
b9ba6d |
+ /* Something went wrong during the conversion. Bail out. */ \
|
|
|
b9ba6d |
done = -1; \
|
|
|
b9ba6d |
goto all_done; \
|
|
|
b9ba6d |
} \
|
|
|
b9ba6d |
@@ -1188,6 +1188,7 @@ vfprintf (FILE *s, const CHAR_T *format,
|
|
|
b9ba6d |
if (__mbsnrtowcs (ignore, &str2, strend - str2, \
|
|
|
b9ba6d |
ignore_size, &ps) == (size_t) -1) \
|
|
|
b9ba6d |
{ \
|
|
|
b9ba6d |
+ /* Conversion function has set errno. */ \
|
|
|
b9ba6d |
done = -1; \
|
|
|
b9ba6d |
goto all_done; \
|
|
|
b9ba6d |
} \
|
|
|
b9ba6d |
@@ -1599,6 +1600,7 @@ vfprintf (FILE *s, const CHAR_T *format,
|
|
|
b9ba6d |
if (spec == L_('\0'))
|
|
|
b9ba6d |
{
|
|
|
b9ba6d |
/* The format string ended before the specifier is complete. */
|
|
|
b9ba6d |
+ __set_errno (EINVAL);
|
|
|
b9ba6d |
done = -1;
|
|
|
b9ba6d |
goto all_done;
|
|
|
b9ba6d |
}
|
|
|
b9ba6d |
@@ -1696,17 +1698,20 @@ do_positional:
|
|
|
b9ba6d |
|
|
|
b9ba6d |
/* Determine the number of arguments the format string consumes. */
|
|
|
b9ba6d |
nargs = MAX (nargs, max_ref_arg);
|
|
|
b9ba6d |
+ /* Calculate total size needed to represent a single argument across
|
|
|
b9ba6d |
+ all three argument-related arrays. */
|
|
|
b9ba6d |
bytes_per_arg = sizeof (*args_value) + sizeof (*args_size)
|
|
|
b9ba6d |
+ sizeof (*args_type);
|
|
|
b9ba6d |
|
|
|
b9ba6d |
/* Check for potential integer overflow. */
|
|
|
b9ba6d |
- if (nargs > SIZE_MAX / bytes_per_arg)
|
|
|
b9ba6d |
+ if (__builtin_expect (nargs > SIZE_MAX / bytes_per_arg, 0))
|
|
|
b9ba6d |
{
|
|
|
b9ba6d |
+ __set_errno (ERANGE);
|
|
|
b9ba6d |
done = -1;
|
|
|
b9ba6d |
goto all_done;
|
|
|
b9ba6d |
}
|
|
|
b9ba6d |
|
|
|
b9ba6d |
- /* Allocate memory for the argument descriptions. */
|
|
|
b9ba6d |
+ /* Allocate memory for all three argument arrays. */
|
|
|
b9ba6d |
if (__libc_use_alloca (nargs * bytes_per_arg))
|
|
|
b9ba6d |
args_value = alloca (nargs * bytes_per_arg);
|
|
|
b9ba6d |
else
|
|
|
b9ba6d |
@@ -1937,6 +1942,7 @@ do_positional:
|
|
|
b9ba6d |
about # of chars. */
|
|
|
b9ba6d |
if (function_done < 0)
|
|
|
b9ba6d |
{
|
|
|
b9ba6d |
+ /* Function has set errno. */
|
|
|
b9ba6d |
done = -1;
|
|
|
b9ba6d |
goto all_done;
|
|
|
b9ba6d |
}
|
|
|
b9ba6d |
@@ -1971,6 +1977,7 @@ do_positional:
|
|
|
b9ba6d |
of chars. */
|
|
|
b9ba6d |
if (function_done < 0)
|
|
|
b9ba6d |
{
|
|
|
b9ba6d |
+ /* Function has set errno. */
|
|
|
b9ba6d |
done = -1;
|
|
|
b9ba6d |
goto all_done;
|
|
|
b9ba6d |
}
|