Undefined behaviour causing problems on AVR32

Bradley Smith bradsmith at debian.org
Mon Apr 13 16:37:28 CEST 2009 

On Mon, 13 Apr 2009 16:11:42 +0200
Torbjorn Granlund <tg at gmplib.org> wrote:

> Bradley Smith <bradsmith at debian.org> writes:
> 
>   On Mon, 13 Apr 2009 14:02:20 +0200
>   Torbjorn Granlund <tg at gmplib.org> wrote:
>   
>   > I agree this is broken in GMP.
>   > 
>   > I don't fully understand the GMP scanf code.
>   > 
>   > I find two calls to sscanffuns.c's scan through the ->scan field,
>   > both from __gmp_doscan.  One call uses 3 parameters and the other
>   > uses 4 parameters.
>   > 
>   > Both the current and your suggested code assumes there are 4
>   > parameters. While your code is an improvement, it still looks
>   > undefined to me.
>   > 
>   > Do you agree?
>   
>   Hmm, yes I didn't spot the call that uses 3 args, I guess a simple way
> to fix that would be to change the call that uses 3 args to use 4, by
> just putting a dummy argument as the 4th. Maybe not the nicest fix, but
> I can't really see an alternative that doesn't involve rewriting large
> chunks of the code.
>   
> Unfortunately, that might not work either, since the ->scan field might
> point at fscanf.  (I tried this and got crashes...)
> 
> I'll try your initial solution to see if it works in practice.

Come to think of it, you could do something like the following:

static int
scan (const char **sp, const char *fmt, ...)
{
    va_list ap;
    int ret;

    va_start(ap, fmt);
    ret = vsscanf(*sp, fmt, ap);
    va_end(ap);

    return ret;
}

Which should be perfectly well defined as long as the number of fields in
fmt is the same as the number or arguments pass, which I hope should be
safe to assume, otherwise things would be breaking all over the place.

Regards,
Bradley Smith

-- 
Bradley Smith                                     brad at brad-smith.co.uk
Debian GNU/Linux Developer                         bradsmith at debian.org
GPG: 0xC718D347       D201 7274 2FE1 A92A C45C EFAB 8F70 629A C718 D347
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://gmplib.org/list-archives/gmp-bugs/attachments/20090413/603cdf4d/attachment.bin>

More information about the gmp-bugs mailing list