netbsd-bugs: Re: lib/35401: blubb

Subject: Re: lib/35401: blubb
To: None <gnats-bugs@NetBSD.org, lib-bug-people@netbsd.org,>
From: Christos Zoulas <christos@zoulas.com>
List: netbsd-bugs
Date: 01/10/2007 21:57:58

On Jan 10, 11:45pm, andreas.wiese@instandbesetzt.net (Andreas Wiese) wrote:
-- Subject: lib/35401: blubb

How about this:

christos

Index: vfprintf.c
===================================================================
RCS file: /cvsroot/src/lib/libc/stdio/vfprintf.c,v
retrieving revision 1.54
diff -u -u -r1.54 vfprintf.c
--- vfprintf.c	30 Oct 2006 05:10:40 -0000	1.54
+++ vfprintf.c	11 Jan 2007 02:56:58 -0000
@@ -353,6 +353,8 @@
 		if ((m = fmt - cp) != 0) {
 			PRINT(cp, m);
 			ret += m;
+			if (ret < 0)
+				goto ovfl;
 		}
 		if (n <= 0)
 			goto done;
@@ -798,6 +800,8 @@
 
 		/* finally, adjust ret */
 		ret += width > realsz ? width : realsz;
+		if (ret < 0)
+			goto ovfl;
 
 		FLUSH();	/* copy out the I/O vectors */
 	}
@@ -811,6 +815,9 @@
 	if (__sferror(fp))
 		ret = -1;
 	return (ret);
+ovfl:
+	errno = ERANGE;
+	return -1;
 }
 
 #ifndef NO_FLOATING_POINT