From 762cf3ee22b047d7eb0a06bf05a16dffab54cc53 Mon Sep 17 00:00:00 2001
From: Keith Marshall
Date: Wed, 31 Dec 2008 15:34:09 +0000
Subject: [PATCH] Correct mishandling of invalid characters in printf() format specs.
---
 winsup/mingw/ChangeLog | 10 ++++++++++
 winsup/mingw/mingwex/stdio/pformat.c | 16 ++++++++++++----
 2 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/winsup/mingw/ChangeLog b/winsup/mingw/ChangeLog
index da6a5891f..58fc95a2d 100644
--- a/winsup/mingw/ChangeLog
+++ b/winsup/mingw/ChangeLog
@@ -1,3 +1,13 @@
+2008-12-31 Keith Marshall
+
+ Partial fix for MinGW-Bug [2457778]: (Reported by Sisyphus).
+ Correct mishandling of invalid characters in printf() format specs.
+
+ * mingwex/stdio/pformat.c (__pformat): Save `fmt' scan position in...
+ (backtrack): ...this new automatic variable, at start of each format
+ conversion specification substring; use it to backtrack, and print the
+ substring literally, if any invalid character is encountered.
+
 2008-12-16 Danny Smith

 * msvcrt.def.in (___lc_codepage_func, ___lc_collate_cp_func,
diff --git a/winsup/mingw/mingwex/stdio/pformat.c b/winsup/mingw/mingwex/stdio/pformat.c
index 8b3e93ed4..2151a0945 100644
--- a/winsup/mingw/mingwex/stdio/pformat.c
+++ b/winsup/mingw/mingwex/stdio/pformat.c
@@ -1813,6 +1813,11 @@ int __pformat( int flags, void *dest, int max, const char *fmt, va_list argv )
 __pformat_state_t state = PFORMAT_INIT;
 __pformat_length_t length = PFORMAT_LENGTH_INT;

+ /* Save the current format scan position, so that we can backtrack
+ * in the event of encountering an invalid format specification...
+ */
+ char *backtrack = fmt;
+
 /* Restart capture for dynamic field width and precision specs...
 */
 int *width_spec = &stream.width;
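Review bot: In the first pformat.c hunk, `backtrack` is declared `char *` but initialised from `fmt`, which the hunk header shows as `const char *fmt`, so the initialisation silently drops the const qualifier and should draw a discarded-qualifier warning. Declare it as `const char *backtrack = fmt;` instead. Nothing visible in this commit writes through the pointer (the second hunk only assigns it back to `fmt`), so the const form is a drop-in and keeps the compiler able to catch an accidental write into the caller's format string. The enclosing block starts and ends outside the hunk.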
@@ -2490,12 +2495,15 @@ int __pformat( int flags, void *dest, int max, const char *fmt, va_list argv )
 }

 else
+ {
 /* We found a digit out of context, or some other character
- * with no designated meaning; silently reject it, and any
- * further characters other than argument length modifiers,
- * until this format specification is completely resolved.
+ * with no designated meaning; reject this format specification,
+ * backtrack, and emit it as literal text...
 */
- state = PFORMAT_END;
+ fmt = backtrack;
+ __pformat_putc( '%', &stream );
+ goto format_scan;
+ }
 }
 }
 }
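Review bot: The new `else` branch rewinds only `fmt`; anything already taken from `argv` while parsing the rejected specification is not given back. The likely case is an `int` fetched for a `*` width or precision, but that handling is outside this hunk, so this is inferred. If that can happen, every later conversion reads the wrong argument, and a following `%s` could dereference a value that was never a pointer. Flags, width and precision left in `stream` by the partial parse have the same problem unless the code at `format_scan` resets them; that label is also outside the hunk. At minimum I would document the limitation above `fmt = backtrack;`, e.g. `/* NOTE: arguments already consumed for '*' width/precision are not restored. */`, and confirm the stream state is reinitialised before the literal text is emitted.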