Date: Sun, 3 Jun 2001 18:29:52 -0400 (EDT)
From: Daniel Eischen <eischen@vigrid.com>
To: Bruce Evans <bde@zeta.org.au>
Cc: sobomax@FreeBSD.ORG, current@FreeBSD.ORG, deischen@FreeBSD.ORG
Subject: Re: sscanf(3) is broken in 5-CURRENT [SIGBUS]
Message-ID: <Pine.SUN.3.91.1010603182456.27210A-100000@pcnet1.pcnet.com>
In-Reply-To: <Pine.BSF.4.21.0106040426420.51343-100000@besplex.bde.org>

On Mon, 4 Jun 2001, Bruce Evans wrote:

> On Sat, 2 Jun 2001, Maxim Sobolev wrote:
>
> > It seems that something is wrong with sscanf(3) in -current - in
> > some cases it may cause SIGBUS. I failed to reproduce the
> > problem on 4-STABLE, so it is a -current specific bug. Attached
> > please find small showcase that exposes the bug in question
> > and a backtrace after SIGBUS.

[ ... ]

>
> This is because fp->_extra is not initialized by sscanf() (it is stack
> garbage that happened to be 0 when I looked at it).

Yes, it looks like the change from _up to _extra (to hold _up and
other locking stuff) screwed this up. Here's a fix. My source is
a month out of date (DEVFS won't let my old X applications work, so
I need to upgrade my systems before it becomes mandatory), so I don't
know if it'll apply cleanly to -current sources.

--
Dan Eischen

Index: local.h =================================================================== RCS file: /opt/b/CVS/src/lib/libc/stdio/local.h,v retrieving revision 1.3 diff -u -r1.3 local.h --- local.h 2001/03/01 05:22:14 1.3 +++ local.h 2001/06/03 22:22:18 @@ -103,3 +103,10 @@ free((char *)(fp)->_lb._base); \ (fp)->_lb._base = NULL; \ } + +#define INITEXTRA(fp) { \ + (fp)->_extra->_up = NULL; \ + (fp)->_extra->fl_mutex = PTHREAD_MUTEX_INITIALIZER; \ + (fp)->_extra->fl_owner = NULL; \ + (fp)->_extra->fl_count = 0; \ +} Index: sscanf.c =================================================================== RCS file: /opt/b/CVS/src/lib/libc/stdio/sscanf.c,v retrieving revision 1.6 diff -u -r1.6 sscanf.c --- sscanf.c 1999/08/28 00:01:17 1.6 +++ sscanf.c 2001/06/03 22:20:22 @@ -77,6 +77,7 @@ { int ret; va_list ap; + struct __sFILEX extra; FILE f; f._file = -1; @@ -86,6 +87,8 @@ f._read = eofread; f._ub._base = NULL; f._lb._base = NULL; + f._extra = &extra; + INITEXTRA(&f); #if __STDC__ va_start(ap, fmt); #else

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
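
Review bot: In the local.h hunk, INITEXTRA expands to a bare `{ ... }` block, so a call written as `INITEXTRA(&f);` leaves a stray empty statement and will not compile as the body of an unbraced `if` that has an `else`. The macro that ends in the context lines just above has the same shape, so this matches the file, but wrapping the new body in `do { ... } while (0)` would be safer. The macro also dereferences `(fp)->_extra`, so it is valid only after the caller has pointed `_extra` at real storage; a one-line comment above the `#define` stating that precondition would help. Last, `(fp)->_extra->fl_mutex = PTHREAD_MUTEX_INITIALIZER;` is an assignment, not a declaration initializer, and that only works where the initializer is a plain expression of the mutex type; worth confirming that holds here.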
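
Review bot: In the sscanf.c hunks, `f` is still filled in one member at a time (`f._file`, `f._read`, `f._ub._base`, `f._lb._base`, and now `f._extra`), which is the pattern that left `_extra` holding stack garbage in the first place. Consider zeroing `f` and `extra` before the assignments, so that a member added to FILE later starts out as NULL or 0 instead of whatever was on the stack. The order of the two added lines matters: `f._extra = &extra;` has to stay ahead of `INITEXTRA(&f);` because the macro dereferences the pointer. Any other function in this directory that builds a FILE on the stack should be checked for the same missing `_extra` setup.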