core: Initialize values in estream_format

Authored by aheinecke on Jul 4 2018, 6:19 PM.

Description

core: Initialize values in estream_format

* src/estream-printf.c (_gpgrt_estream_format): Make sure
valuetable.value is initialized even on stack.

This makes the behavior more consistent with the calloc'ed
codepath for more than 8 variables.

It also fixes a potential crash if there were unmatched
format args provided.

Details

werner added a subscriber: werner. Jul 5 2018, 9:20 AM

The comment is a bit misleading. It does not fix the crash because it all depends on the stack layout: printf takes the args from the stack and if there are not enough args pushed by the caller printf happily uses args which are the local vars from our printf function. Clearing a few vars there seems to have the effect that the args for the "%s" now point to a NULL. In fact you can't fix such crashes with any stdarg function on any platform I know. That is why gcc has a couple of helpful attributes to detect misuse of stdarg args at compile time (e.g. sentinel, printf).
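
The two gcc attributes named in the comment above, applied to variadic helpers so that mismatched calls are reported at compile time. This is an added example, not code from libgpg-error or from either participant; `log_format` and `join_strings` are hypothetical names.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical wrapper: format(printf, 3, 4) tells gcc that argument 3 is a
   printf-style format string and that the variadic arguments start at 4. */
__attribute__((format(printf, 3, 4)))
int log_format(char *buf, size_t buflen, const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(buf, buflen, fmt, ap);
    va_end(ap);
    return n;
}

/* Hypothetical helper: sentinel makes gcc warn when a call does not end
   with a NULL pointer, which is what the loop below relies on to stop. */
__attribute__((sentinel))
size_t join_strings(char *buf, size_t buflen, const char *first, ...)
{
    va_list ap;
    size_t used = 0;
    const char *s;

    if (buflen == 0)
        return 0;
    buf[0] = '\0';
    va_start(ap, first);
    for (s = first; s != NULL; s = va_arg(ap, const char *)) {
        size_t len = strlen(s);
        if (len > buflen - 1 - used)
            len = buflen - 1 - used;   /* truncate instead of overflowing */
        memcpy(buf + used, s, len);
        used += len;
        buf[used] = '\0';
    }
    va_end(ap);
    return used;
}

/* Calls that gcc -Wall reports at compile time (kept commented out, since
   both are undefined behaviour at run time):
     log_format(buf, sizeof buf, "%s=%s", "key");   too few format args
     join_strings(buf, sizeof buf, "a", "b");       missing NULL sentinel */
```

The attributes only help when the format string is a literal visible to the compiler and the warnings are enabled in the build.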