Please accept the following patch.  This fixes the segmentation faults
reported in bugzilla 753.

The patch is against 2.5.STABLE4.  The problem was reproduced on SuSE
SLES-8 SP3 running on IBM zSeries (31-bit).  However,  the bug should be
generic to all platforms.

--- MemBuf.c.orig 2003-11-21 15:51:42.000000000 -0800
+++ MemBuf.c      2003-11-21 16:00:18.000000000 -0800
@@ -228,6 +228,7 @@
 void
 memBufVPrintf(MemBuf * mb, const char *fmt, va_list vargs)
 {
+    va_list ap;
     int sz = 0;
     assert(mb && fmt);
     assert(mb->buf);
@@ -236,7 +237,12 @@
     while (mb->capacity <= mb->max_capacity) {
      mb_size_t free_space = mb->capacity - mb->size;
      /* put as much as we can */
-     sz = vsnprintf(mb->buf + mb->size, free_space, fmt, vargs);
+
+     va_copy(ap,vargs); /* bug 753, the value of vargs is undefined
+                                                      * after vsnprintf()
returnes. Make a copy of vargs
+                         * incase we loop around and call vsnprintf()
again.
+                         */
+     sz = vsnprintf(mb->buf + mb->size, free_space, fmt, ap);
      /* check for possible overflow */
      /* snprintf on Linuz returns -1 on overflows */
      /* snprintf on FreeBSD returns at least free_space on overflows */
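Review bot: `va_copy(ap,vargs)` runs on every pass of the `while` loop in this hunk, but the only matching `va_end(ap)` is the one added after the loop in the last hunk. A second pass therefore re-initialises `ap` without an intervening `va_end`, which C99 leaves undefined, so the retry path this patch is meant to make safe still rests on undefined behaviour. If the loop body is never entered, that trailing `va_end(ap)` also runs on an `ap` that was never initialised. Pair the two inside the loop instead: put `va_end(ap);` directly after `sz = vsnprintf(mb->buf + mb->size, free_space, fmt, ap);` and drop the call after the loop. `va_copy` is also C99-only, so older compilers may need a fallback; the function body and build configuration continue outside these hunks, so confirm against the full file.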
@@ -245,6 +251,7 @@
      else
          break;
     }
+    va_end(ap);
     mb->size += sz;
     /* on Linux and FreeBSD, '\0' is not counted in return value */
     /* on XXX it might be counted */



David  Wilder
   IBM Global Services, Linux Change Team
   [EMAIL PROTECTED]
   (503) 578-3789  T/L 775-3789
