Re: printf produces no output for %f directive

Fri, 19 Oct 2007 08:13:54 -0700 

Eric Blake <[EMAIL PROTECTED]> wrote:

> According to Andreas Schwab on 10/19/2007 6:58 AM:
>> Jim Meyering <[EMAIL PROTECTED]> writes:
>>
>>> Could it be a bug in printf for failing, yet not setting the
>>> stream-failure indicator that is checked by close_stdout's ferror?
>>
>> A failure from printf does not necessarily mean an output failure.  It
>> can also be ENOMEM or EILSEQ, which are unrelated to output.
>
> Wow.  You're right.  Which means the return value of printf/fprintf must
> always be checked in a secure program.

'Fraid so.  At least for now.
Hard to believe that POSIX intended to impose such a requirement.

Here's the proposed gnulib module:
Hmm.. need to add a copyright on the .h file.
And documentation.
Then, s/printf/xprintf/ in coreutils' printf.c and the problem is solved.
----------------

New module: xprintf

* modules/xprintf, lib/xprintf.c, lib/xprintf.h: New files.

---
 ChangeLog       |    5 ++++
 lib/xprintf.c   |   56 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 lib/xprintf.h   |   24 +++++++++++++++++++++++
 modules/xprintf |   25 ++++++++++++++++++++++++
 4 files changed, 110 insertions(+), 0 deletions(-)
 create mode 100644 lib/xprintf.c
 create mode 100644 lib/xprintf.h
 create mode 100644 modules/xprintf

diff --git a/ChangeLog b/ChangeLog
index b39e171..dbf680e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2007-10-19  Jim Meyering  <[EMAIL PROTECTED]>
+
+       New module: xprintf
+       * modules/xprintf, lib/xprintf.c, lib/xprintf.h: New files.
+
 2007-10-18  Bruno Haible  <[EMAIL PROTECTED]>

        * lib/vasnprintf.c (VASNPRINTF): Don't use %n on glibc >= 2.3 systems.
diff --git a/lib/xprintf.c b/lib/xprintf.c
new file mode 100644
index 0000000..a794418
--- /dev/null
+++ b/lib/xprintf.c
@@ -0,0 +1,56 @@
+/* printf wrappers that fail immediately for non-file-related errors
+   Copyright (C) 2007 Free Software Foundation, Inc.
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include "xprintf.h"
+
+#include <errno.h>
+#include <stdarg.h>
+
+#include "error.h"
+#include "exitfail.h"
+#include "gettext.h"
+
+/* Just like printf, but call error if it fails for any reason
+   for which printf does not set the stream error indicator.  */
+int
+xprintf (char const *restrict format, ...)
+{
+  va_list args;
+  va_start (args, format);
+  int err = vprintf (format, args);
+  if (err && (errno == EILSEQ || errno == EINVAL || errno == ENOMEM))
+    error (exit_failure, errno, gettext ("write error"));
+
+  return err;
+}
+
+/* Just like fprintf, but call error if it fails for any reason
+   for which printf does not set the stream error indicator.  */
+int
+xfprintf (FILE *restrict stream, char const *restrict format, ...)
+{
+  va_list args;
+  va_start (args, format);
+  int err = vfprintf (stream, format, args);
+  if (err && (errno == EILSEQ || errno == EINVAL || errno == ENOMEM))
+    error (exit_failure, errno, gettext ("write error"));
+
+  return err;
+}
diff --git a/lib/xprintf.h b/lib/xprintf.h
new file mode 100644
index 0000000..be20b7a
--- /dev/null
+++ b/lib/xprintf.h
@@ -0,0 +1,24 @@
+#ifndef _XPRINTF_H
+#define _XPRINTF_H
+
+#include <stdio.h>
+
+#ifndef __attribute__
+/* This feature is available in gcc versions 2.5 and later.  */
+# if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 5) || __STRICT_ANSI__
+#  define __attribute__(Spec)  /* empty */
+# endif
+/* The __-protected variants of `format' and `printf' attributes
+   are accepted by gcc versions 2.6.4 (effectively 2.7) and later.  */
+# if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 7)
+#  define __format__ format
+#  define __printf__ printf
+# endif
+#endif
+
+extern int xprintf (char const *restrict format, ...)
+  __attribute__ ((__format__ (__printf__, 1, 2)));
+extern int xfprintf (FILE *restrict stream, char const *restrict format, ...)
+  __attribute__ ((__format__ (__printf__, 2, 3)));
+
+#endif
diff --git a/modules/xprintf b/modules/xprintf
new file mode 100644
index 0000000..1425971
--- /dev/null
+++ b/modules/xprintf
@@ -0,0 +1,25 @@
+Description:
+a wrapper around printf that calls error upon ENOMEM or EILSEQ errors
+
+Files:
+lib/xprintf.h
+lib/xprintf.c
+
+Depends-on:
+error
+exitfail
+stdio
+
+configure.ac:
+
+Makefile.am:
+lib_SOURCES += xprintf.h xprintf.c
+
+Include:
+"xprintf.h"
+
+License:
+LGPL
+
+Maintainer:
+Jim Meyering
--
1.5.3.4.206.g58ba4


_______________________________________________
Bug-coreutils mailing list
Bug-coreutils@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-coreutils

Reply via email to