[packages/cvs.git] / cvs-printf-n.patch

--- cvs-1.12.13/lib/vasnprintf.c	2005-05-23 19:44:33.000000000 +0200
+++ cvs-1.12.13/lib/vasnprintf.c	2009-02-10 20:38:47.947197650 +0100
@@ -558,9 +558,21 @@
 		  }
 		*p = dp->conversion;
 #if USE_SNPRINTF
-		p[1] = '%';
-		p[2] = 'n';
-		p[3] = '\0';
+# if !(__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 3)) 
+		p[1] = '%'; 
+		p[2] = 'n'; 
+		p[3] = '\0'; 
+# else 
+		/* On glibc2 systems from glibc >= 2.3 - probably also older 
+		   ones - we know that snprintf's returns value conforms to 
+		   ISO C 99: the gl_SNPRINTF_DIRECTIVE_N test passes. 
+		   Therefore we can avoid using %n in this situation. 
+		   On glibc2 systems from 2004-10-18 or newer, the use of %n 
+		   in format strings in writable memory may crash the program 
+		   (if compiled with _FORTIFY_SOURCE=2), so we should avoid it 
+		   in this situation.  */ 
+		p[1] = '\0'; 
+# endif
 #else
 		p[1] = '\0';
 #endif
Commit	Line	Data
da277ce0 AM	1	--- cvs-1.12.13/lib/vasnprintf.c 2005-05-23 19:44:33.000000000 +0200
	2	+++ cvs-1.12.13/lib/vasnprintf.c 2009-02-10 20:38:47.947197650 +0100
	3	@@ -558,9 +558,21 @@
	4	}
	5	*p = dp->conversion;
	6	#if USE_SNPRINTF
	7	- p[1] = '%';
	8	- p[2] = 'n';
	9	- p[3] = '\0';
	10	+# if !(__GLIBC__ > 2 \|\| (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 3))
	11	+ p[1] = '%';
	12	+ p[2] = 'n';
	13	+ p[3] = '\0';
	14	+# else
	15	+ /* On glibc2 systems from glibc >= 2.3 - probably also older
	16	+ ones - we know that snprintf's returns value conforms to
	17	+ ISO C 99: the gl_SNPRINTF_DIRECTIVE_N test passes.
	18	+ Therefore we can avoid using %n in this situation.
	19	+ On glibc2 systems from 2004-10-18 or newer, the use of %n
	20	+ in format strings in writable memory may crash the program
	21	+ (if compiled with _FORTIFY_SOURCE=2), so we should avoid it
	22	+ in this situation. */
	23	+ p[1] = '\0';
	24	+# endif
	25	#else
	26	p[1] = '\0';
	27	#endif