On Sun, Feb 12, 2017 at 05:37:49PM -0500, Christos Zoulas wrote:
> Module Name: src
> Committed By: christos
> Date: Sun Feb 12 22:37:49 UTC 2017
>
> Modified Files:
> src/lib/libc/gen: vis.c
>
> Log Message:
> fix off-by-one, found by asan.
>
It fails in another case, attached. ASan is wrong about where the problem happens, so I ran it in gdb - it's here:

514		for (start = dst; len > 0; len--) {
515			c = *src++;
516			dst = (*f)(dst, c, flags, len >= 1 ? *src : L'\0', extra);

breakpoint on do_svis
/* gcc -fsanitize=address -lasan asan.c && ./a.out */ #include <errno.h> #include <locale.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <vis.h> #include <wchar.h> static void h_mbtowc(const char *locale, const char *legal) { char buf[64]; setlocale(LC_ALL, "C"); setlocale(LC_CTYPE, locale); /* re-initialize internal state */ mbtowc(NULL, NULL, 0); /* valid multibyte sequence case */ (void)strvis(buf, legal, VIS_WHITE | VIS_OCTAL); } int main() { h_mbtowc("zh_TW.eucTW", "\241\241"); }