cURL / Mailing Lists / curl-library / Single Mail

curl-library

curl_off_t and format string in disagreement with gcc 4.6

From: m brandenberg <mcbinc_at_panix.com>
Date: Wed, 21 May 2014 11:49:33 -0400 (EDT)

Platform is Debian squeeze (approximately) on amd64 with gcc 4.6.
This started after 7.34 and I confirmed it's present in 7.37 as well.

Problem: configuring a 32-bit build on a 64-bit system results
in a disagreement between the curl_off_t type and it's detected
format string. 'int64_t' will be the type, but 'ld'/'lu' will
be the format string. This causes the varargs processing in
mprintf.c to get out-of-sync and crashes result. The main victim
of this is the large progress fprintf() in progress.c.

64-bit on 64-bit configuration:

$ ./configure --disable-ldap --disable-ldaps \
--enable-shared=no --enable-threaded-resolver --enable-debug \
--disable-optimize ithout-libssh2

checking size of long... 8
checking size of void*... 8
checking for 64-bit curl_off_t data type... long
checking size of curl_off_t... 8
checking formatting string directive for curl_off_t... "ld"
checking formatting string directive for unsigned curl_off_t... "lu"
checking constant suffix string for curl_off_t... L
checking constant suffix string for unsigned curl_off_t... UL

32-bit on 64-bit configuration:

$ CFLAGS="-m32" CXXFLAGS="-m32" ./configure \
--disable-ldap --disable-ldaps \
--enable-shared=no --enable-threaded-resolver --enable-debug \
--disable-optimize --without-libssh2

checking size of long... 4
checking size of void*... 4
checking for 64-bit curl_off_t data type... int64_t <<<
checking size of curl_off_t... 8
checking formatting string directive for curl_off_t... "ld" <<<
checking formatting string directive for unsigned curl_off_t... "lu" <<<
checking constant suffix string for curl_off_t... LL
checking constant suffix string for unsigned curl_off_t... ULL

Now, the autoconf for this is still a bit impenetrable to me
so I haven't come up with a workaround yet.

(Defensive programming issue: max5data() can get a negative
number in curl_off_t which can result in a print that exceeds
its buffer length assumptions. Might take some action against
this.)

--
Monty Brandenberg, Software Engineer                               MCB, Inc.
mcbinc_at_panix.com                                             P.O. Box 425292
mcbinc_at_pobox.com                                   Cambridge, MA  02142-0006
617.864.6907
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2014-05-21

This message: [ Message body ]
Next message: m brandenberg: "Re: curl_off_t and format string in disagreement with gcc 4.6"
Previous message: Tatsuhiro Tsujikawa: "[PATCH] openssl: Fix uninitialized variable use in NPN callback"
Next in thread: m brandenberg: "Re: curl_off_t and format string in disagreement with gcc 4.6"
Reply: m brandenberg: "Re: curl_off_t and format string in disagreement with gcc 4.6"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]