svn commit: r199782 - head/lib/libc/stdio
Garrett Wollman
wollman at FreeBSD.org
Wed Nov 25 04:27:56 UTC 2009
Author: wollman
Date: Wed Nov 25 04:27:55 2009
New Revision: 199782
URL: http://svn.freebsd.org/changeset/base/199782
Log:
In __mbsconv(), if prec was zero, nconv could have been used
uninitialized. Initialize it to a safe value so that there's no
chance of returning an error if stack garbage happens to be equal to
(size_t)-1 or (size_t)-2.
Found by: Clang static analyzer
MFC after: 7 days
Modified:
head/lib/libc/stdio/vfwprintf.c
Modified: head/lib/libc/stdio/vfwprintf.c
==============================================================================
--- head/lib/libc/stdio/vfwprintf.c Wed Nov 25 04:21:42 2009 (r199781)
+++ head/lib/libc/stdio/vfwprintf.c Wed Nov 25 04:27:55 2009 (r199782)
@@ -293,7 +293,7 @@ __mbsconv(char *mbsarg, int prec)
* number of characters to print.
*/
p = mbsarg;
- insize = nchars = 0;
+ insize = nchars = nconv = 0;
mbs = initial_mbs;
while (nchars != (size_t)prec) {
nconv = mbrlen(p, MB_CUR_MAX, &mbs);
More information about the svn-src-head
mailing list