bug in __gmp_replacement_vsnprintf
Niels Möller
nisse at lysator.liu.se
Mon Jan 9 12:39:24 CET 2023
Paul Zimmermann <Paul.Zimmermann at inria.fr> writes:
> this bug report got no feedback so far:
>
> https://gmplib.org/list-archives/gmp-bugs/2022-October/005200.html
>
> Do the GMP developers acknowledge it?
I'm not so familiar with this part of GMP, but it looks like a bug to
me.
I would suggest first changing the ASSERT at
https://gmplib.org/repo/gmp/file/tip/printf/repl-vsnprintf.c#l355 to
ASSERT_ALWAYS; it seems rather dangerous to pass format specifiers we're
not understanding to the system's vsprintf. And to really fix this
issue, we'd also have to actually support hex floats with %a and %A.
Looks like the file was written by Kevin Ryde two decades ago. I wonder
if it's possible/reasonable to replace with gnulib's version? That's a
few thousand lines of rather non-trivial code, though:
https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/vasnprintf.c;h=ab11ad026ed1b5d224dd71a8c880a30d859339cb;hb=HEAD
Regards,
/Niels
--
Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677.
Internet email is subject to wholesale government surveillance.
More information about the gmp-bugs
mailing list