core: Initialize values in estream_format
fe2f8fca3114
Actions

Description

core: Initialize values in estream_format

* src/estream-printf.c (_gpgrt_estream_format): Make sure
valuetable.value is inialized even on stack.

This makes the behavior more consistent with the calloc'ed
codepath for more then 8 variables.

It also fixes a potential crash if there were unmatched
format args provided.

GnuPG-Bug-Id: T4054

Details

Provenance

aheinecke

Authored on Jul 4 2018, 6:19 PM

Parents

rE043a91b8cd4b: po: Update Russian translation.

Branches

Unknown

Tags

Unknown

Tasks

T4054: libgpg-error, w32: logging crashes on unmatched %s on window

Event Timeline

aheinecke added a task: T4054: libgpg-error, w32: logging crashes on unmatched %s on window.Jul 5 2018, 9:13 AM

aheinecke committed rEfe2f8fca3114: core: Initialize values in estream_format (authored by aheinecke).Jul 5 2018, 8:38 AM

The comment is a bit misleading. It does not fix the crash because it all depends on the stack layout: printf takes the args from the stack and if there are not enough args pushed by the caller printf happily uses args which are the local vars from our printf function. Clearing a few vars there seems to have the effect that the args for the "%s" now points to a NULL. In fact you can't fix such crashes with any stdarg function on any platform I know. That is why gcc as a couple of helpful attributes to detect misuse of stdarg args at compile time (e.g. sentinel, printf).

Changes (1)

Path

Size

src/

estream-printf.c

rEfe2f8fca3114

View Options