<URL: http://bugs.freeciv.org/Ticket/Display.html?id=39328 >
[EMAIL PROTECTED] wrote:
> <URL: http://bugs.freeciv.org/Ticket/Display.html?id=39328 >
>
> Hi again,
>
> Jason Short wrote:
>> <URL: http://bugs.freeciv.org/Ticket/Display.html?id=39328 >
>>
>> The current code is clearly wrong. The va_arg may be implemented as a
>> pointer rather than an inline array and so passing it multiple times to
>> vsnprintf will generate garbage results on some platforms while working
>> on others.
>
> I doubt it matters whether there is an array of varargs structs or a
> linked list of them. With an array, if you use an index too far beyond
> the end, you will also get a segfault. The real problem is that the
> array index or linked list current pointer is not reset to the beginning
> after vsprintf et al. are used.
>
>> Nothing I've read indicates that va_start can be called multiple times
>> within the same function, though.
>
> Allow me to requote from the man pages for the GNU libc implementation
> of va_start(3):
>
> "Each invocation of va_start() must be matched by a corresponding
> invocation of va_end() in the same function. After
> the call va_end(ap) the variable ap is undefined. Multiple
> traversals of the list, each bracketed by va_start() and
> va_end() are possible."

Clearly you have a different version of glibc than me. My manual page
does not mention multiple calls to va_start. What it does say is

  An obvious implementation would have a va_list be a pointer to the
  stack frame of the variadic function. In such a setup (by far the
  most common) there seems nothing against an assignment

    va_list aq = ap;

Clearly my glibc has such an implementation such that passing the
va_arg to vsnprintf amounts to a copy of it. Yours does not, hence a
crash.

However I do not trust a mere manpage to say that va_start may be called
multiple times. Clearly in that implementation that is the case - but if
it's not guaranteed by C89/C99 then we should not be relying on it.

>> So I'm applying the patch as-is.
>
> You apparently applied the original patch and not the modified one that
> I later submitted. The modified one had an additional fix for an
> identical problem in another place in the same source file. That problem
> also caused crashes. Attached to this message is a patch for that problem.

Applied now. Think that is the cause of 39344?

-jason

_______________________________________________
Freeciv-dev mailing list
[email protected]
https://mail.gna.org/listinfo/freeciv-dev
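The va_list reuse the thread is arguing about, as an added example that is not part of this message or of Freeciv's code: a hypothetical two-pass formatter (`vformat_measured` / `format_measured`, names assumed here) that reads the argument list once to measure the output and once to write it, handing vsnprintf a fresh `va_copy` (C99) on each pass instead of the same va_list twice.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not Freeciv code.  It receives a started va_list
 * and needs to read it twice: pass 1 measures the full output, pass 2
 * writes it.  Each pass traverses its own va_copy, so vsnprintf never
 * sees the same va_list twice and the caller's `ap` stays untouched. */
static int vformat_measured(char *buf, size_t size, const char *fmt, va_list ap)
{
  va_list pass;
  int needed;

  va_copy(pass, ap);                      /* C99: fresh traversal for pass 1 */
  needed = vsnprintf(NULL, 0, fmt, pass); /* size only, writes nothing */
  va_end(pass);
  if (needed < 0) {
    return needed;                        /* encoding/format error */
  }

  va_copy(pass, ap);                      /* fresh traversal for pass 2 */
  vsnprintf(buf, size, fmt, pass);        /* truncates safely if size is small */
  va_end(pass);
  return needed;                          /* full length, even when truncated */
}

/* Variadic front end: starts the list once and delegates.  Because it
 * owns the list it could also re-traverse with a second va_start/va_end
 * pair, which is the behaviour the quoted man page describes. */
int format_measured(char *buf, size_t size, const char *fmt, ...)
{
  va_list ap;
  int needed;

  va_start(ap, fmt);
  needed = vformat_measured(buf, size, fmt, ap);
  va_end(ap);
  return needed;
}

char out[64];  /* scratch output buffer shared with the demo below */

int main(void)
{
  int needed = format_measured(out, 8, "%s has %d units", "Rome", 12);
  printf("needed %d, got \"%s\"\n", needed, out);  /* needed 17, got "Rome ha" */
  return 0;
}
```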
