vsnprintf broken (was: Re: gcc update)
Simon 'corecode' Schubert
corecode at fs.ei.tum.de
Mon Nov 12 12:41:29 PST 2007
Simon 'corecode' Schubert wrote:
> Johannes Hofmann wrote:
>> Hello,
>>
>> I see crashes with a string handling library on DragonFly.
>> The problem can be reduced to the test program below. It crashes on
>> DragonFly when compiled with "gcc -O2 -o foo foo.c". Without -O2 it
>> runs fine. No problems on Linux with or without -O2.
>> Can anyone spot the problem? I think it's related to the use of
>> va_copy().
>
> No, the problem is that gcc uses %ebx after a function call, which it is
> not allowed to do:
[snip]
> Or does the ABI dictate that %ebx needs to be restored? Seems that
> linux/glibc doesn't clobber ebx.
Okay, I am wrong here. %ebx is supposed to be saved and is also being
saved by vsnprintf. gcc is good.
So this is actually a case of stack smashing. Have fun finding the bug
in vsnprintf or in your code :)
> cheers
> simon
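The reduced test program was snipped from the quote above, so as an added example (not Johannes' program, not Simon's, and not DragonFly's libc) here is the va_copy()/vsnprintf() pattern a string-formatting helper has to follow: a va_list that has been handed to vsnprintf() must not be reused afterwards (C99 7.15), so the helper copies it once for the measuring pass and once for the writing pass. The fixed-buffer variant reports truncation instead of letting the caller assume everything fit. The names vformat_dup, format_dup and format_into are this example's own, not identifiers from the thread.

```c
/*
 * Added example: va_copy()/vsnprintf() usage in a formatting helper.
 * Not the original poster's test program and not DragonFly libc code.
 * Function names here (vformat_dup, format_dup, format_into) are
 * assumptions of this example only.
 */
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Format into a freshly malloc'd buffer. Returns NULL on error. */
char *vformat_dup(const char *fmt, va_list ap)
{
    va_list ap2;
    int need;
    char *buf;

    /* Pass 1: measure. Work on a copy; `ap` must stay untouched for pass 2. */
    va_copy(ap2, ap);
    need = vsnprintf(NULL, 0, fmt, ap2);
    va_end(ap2);
    if (need < 0)
        return NULL;

    buf = malloc((size_t)need + 1);
    if (buf == NULL)
        return NULL;

    /* Pass 2: write. Copy again; the caller still owns `ap`. */
    va_copy(ap2, ap);
    if (vsnprintf(buf, (size_t)need + 1, fmt, ap2) != need) {
        va_end(ap2);
        free(buf);
        return NULL;
    }
    va_end(ap2);
    return buf;
}

/* Variadic front end for vformat_dup(). */
char *format_dup(const char *fmt, ...)
{
    va_list ap;
    char *s;

    va_start(ap, fmt);
    s = vformat_dup(fmt, ap);
    va_end(ap);
    return s;
}

/*
 * Format into a caller-supplied fixed buffer and report truncation.
 * Returns 1 if the whole string fit, 0 if it was truncated or an error
 * occurred. `dst` is always NUL-terminated when size > 0, because
 * vsnprintf() never writes more than `size` bytes.
 */
int format_into(char *dst, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(dst, size, fmt, ap);
    va_end(ap);
    return n >= 0 && (size_t)n < size;
}

int main(void)
{
    char small[8];
    char *s = format_dup("%s-%d", "abc", 42);

    printf("%s\n", s ? s : "(alloc failed)");
    free(s);
    printf("fits: %d\n", format_into(small, sizeof small, "%d", 12345));
    printf("fits: %d\n", format_into(small, sizeof small, "%s", "this is too long"));
    return 0;
}
```

The second pass is where a missing va_copy() bites: on targets where va_list is a plain pointer passed by value the caller's copy is not advanced and reuse happens to work, whereas on targets where va_list is an array passed by reference the callee advances the caller's copy and the second vsnprintf() reads past the real arguments. Checking the return value of the fixed-buffer variant is the habit that catches truncation before it turns into a silent bug elsewhere.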