https://gcc.gnu.org/g:03932d3203bce244edd812b81921c2f16ea18d86
commit r14-9348-g03932d3203bce244edd812b81921c2f16ea18d86
Author: Jerry DeLisle <jvdeli...@gcc.gnu.org>
Date: Wed Mar 6 19:46:04 2024 -0800
Fortran: Fix issue with using snprintf function.
The previous patch used snprintf to set the message
string. The message string is not a formatted string
and the snprintf will interpret '%' related characters
as format specifiers when there are no associated
output variables. A segfault ensues.
This change replaces snprintf with a fortran string copy
function and null terminates the message string.
PR libfortran/105456
libgfortran/ChangeLog:
* io/list_read.c (list_formatted_read_scalar): Use fstrcpy
from libgfortran/runtime/string.c to replace snprintf.
(nml_read_obj): Likewise.
* io/transfer.c (unformatted_read): Likewise.
(unformatted_write): Likewise.
(formatted_transfer_scalar_read): Likewise.
(formatted_transfer_scalar_write): Likewise.
* io/write.c (list_formatted_write_scalar): Likewise.
(nml_write_obj): Likewise.
gcc/testsuite/ChangeLog:
* gfortran.dg/pr105456.f90: Revise using '%' characters
in users error message.
Diff:
---
gcc/testsuite/gfortran.dg/pr105456.f90 | 4 ++--
libgfortran/io/list_read.c | 10 ++++++----
libgfortran/io/transfer.c | 20 ++++++++++++--------
libgfortran/io/write.c | 10 ++++++----
4 files changed, 26 insertions(+), 18 deletions(-)
diff --git a/gcc/testsuite/gfortran.dg/pr105456.f90
b/gcc/testsuite/gfortran.dg/pr105456.f90
index 188323847a7..60cd3b6f3e8 100644
--- a/gcc/testsuite/gfortran.dg/pr105456.f90
+++ b/gcc/testsuite/gfortran.dg/pr105456.f90
@@ -19,7 +19,7 @@ contains
character :: ch
read (unit,fmt='(A1)', advance="no", iostat=piostat, iomsg=piomsg) ch
piostat = 42
- piomsg="The users message"
+ piomsg="The users message containing % and %% and %s and other stuff"
dtv%ch = ch
end subroutine read_formatted
end module sk1
@@ -35,4 +35,4 @@ program skip1
write (*,'(10(A))') "Read: '",x%ch,"'"
end program skip1
! { dg-output ".*(unit = 10, file = .*)" }
-! { dg-output "Fortran runtime error: The users message" }
+! { dg-output "Fortran runtime error: The users message containing % and %%
and %s and other stuff" }
diff --git a/libgfortran/io/list_read.c b/libgfortran/io/list_read.c
index 707afaeb8dc..e38e9a84976 100644
--- a/libgfortran/io/list_read.c
+++ b/libgfortran/io/list_read.c
@@ -2268,9 +2268,10 @@ list_formatted_read_scalar (st_parameter_dt *dtp, bt
type, void *p,
!(dtp->common.flags & IOPARM_HAS_IOSTAT))
{
char message[IOMSG_LEN + 1];
- child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg) + 1;
+ child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg);
free_line (dtp);
- snprintf (message, child_iomsg_len, child_iomsg);
+ fstrcpy (message, child_iomsg_len, child_iomsg, child_iomsg_len);
+ message[child_iomsg_len] = '\0';
generate_error (&dtp->common, dtp->u.p.child_saved_iostat,
message);
}
@@ -3082,8 +3083,9 @@ nml_read_obj (st_parameter_dt *dtp, namelist_info *nl,
index_type offset,
!(dtp->common.flags & IOPARM_HAS_IOSTAT))
{
char message[IOMSG_LEN + 1];
- child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg)
+ 1;
- snprintf (message, child_iomsg_len, child_iomsg);
+ child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg);
+ fstrcpy (message, child_iomsg_len, child_iomsg,
child_iomsg_len);
+ message[child_iomsg_len] = '\0';
generate_error (&dtp->common, dtp->u.p.child_saved_iostat,
message);
goto nml_err_ret;
diff --git a/libgfortran/io/transfer.c b/libgfortran/io/transfer.c
index 9523a14c4bf..a86099d46f5 100644
--- a/libgfortran/io/transfer.c
+++ b/libgfortran/io/transfer.c
@@ -1128,8 +1128,9 @@ unformatted_read (st_parameter_dt *dtp, bt type,
!(dtp->common.flags & IOPARM_HAS_IOSTAT))
{
char message[IOMSG_LEN + 1];
- child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg) + 1;
- snprintf (message, child_iomsg_len, child_iomsg);
+ child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg);
+ fstrcpy (message, child_iomsg_len, child_iomsg, child_iomsg_len);
+ message[child_iomsg_len] = '\0';
generate_error (&dtp->common, dtp->u.p.child_saved_iostat,
message);
}
@@ -1271,8 +1272,9 @@ unformatted_write (st_parameter_dt *dtp, bt type,
!(dtp->common.flags & IOPARM_HAS_IOSTAT))
{
char message[IOMSG_LEN + 1];
- child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg) + 1;
- snprintf (message, child_iomsg_len, child_iomsg);
+ child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg);
+ fstrcpy (message, child_iomsg_len, child_iomsg, child_iomsg_len);
+ message[child_iomsg_len] = '\0';
generate_error (&dtp->common, dtp->u.p.child_saved_iostat,
message);
}
@@ -1763,8 +1765,9 @@ formatted_transfer_scalar_read (st_parameter_dt *dtp, bt
type, void *p, int kind
!(dtp->common.flags & IOPARM_HAS_IOSTAT))
{
char message[IOMSG_LEN + 1];
- child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg) + 1;
- snprintf (message, child_iomsg_len, child_iomsg);
+ child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg);
+ fstrcpy (message, child_iomsg_len, child_iomsg, child_iomsg_len);
+ message[child_iomsg_len] = '\0';
generate_error (&dtp->common, dtp->u.p.child_saved_iostat,
message);
}
@@ -2259,8 +2262,9 @@ formatted_transfer_scalar_write (st_parameter_dt *dtp, bt
type, void *p, int kin
!(dtp->common.flags & IOPARM_HAS_IOSTAT))
{
char message[IOMSG_LEN + 1];
- child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg) + 1;
- snprintf (message, child_iomsg_len, child_iomsg);
+ child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg);
+ fstrcpy (message, child_iomsg_len, child_iomsg, child_iomsg_len);
+ message[child_iomsg_len] = '\0';
generate_error (&dtp->common, dtp->u.p.child_saved_iostat,
message);
}
diff --git a/libgfortran/io/write.c b/libgfortran/io/write.c
index cdcaf8decb6..91d1da2007a 100644
--- a/libgfortran/io/write.c
+++ b/libgfortran/io/write.c
@@ -1999,8 +1999,9 @@ list_formatted_write_scalar (st_parameter_dt *dtp, bt
type, void *p, int kind,
!(dtp->common.flags & IOPARM_HAS_IOSTAT))
{
char message[IOMSG_LEN + 1];
- child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg) + 1;
- snprintf (message, child_iomsg_len, child_iomsg);
+ child_iomsg_len = string_len_trim (IOMSG_LEN, child_iomsg);
+ fstrcpy (message, child_iomsg_len, child_iomsg, child_iomsg_len);
+ message[child_iomsg_len] = '\0';
generate_error (&dtp->common, dtp->u.p.child_saved_iostat,
message);
}
@@ -2352,8 +2353,9 @@ nml_write_obj (st_parameter_dt *dtp, namelist_info *obj,
index_type offset,
char message[IOMSG_LEN + 1];
/* Trim trailing spaces from the message. */
- child_iomsg_len = string_len_trim (IOMSG_LEN,
child_iomsg) + 1;
- snprintf (message, child_iomsg_len, child_iomsg);
+ child_iomsg_len = string_len_trim (IOMSG_LEN,
child_iomsg);
+ fstrcpy (message, child_iomsg_len, child_iomsg,
child_iomsg_len);
+ message[child_iomsg_len] = '\0';
generate_error (&dtp->common, dtp->u.p.child_saved_iostat,
message);
}
