[Cbe-oss-dev] [PATCH 2/3] libspe, libspe2: Fix C99 setbuf() handler
Kazunori Asayama
asayama at sm.sony.co.jp
Wed Jan 31 20:50:32 EST 2007
Attached is a patch to fix the following bugs of setbuf() and
setvbuf() in libspe and libspe2:
- setbuf() assumes that SPE's SIZEBUF is the same as PPE's SIZEBUF. But
  actually PPE's one is greater than SPE's one. This bug causes
  buffer overruns.
- setbuf() and setvbuf() do not handle a NULL parameter as having
  special meaning.
----
Index: libspe2/spebase/default_c99_handler.c
===================================================================
--- libspe2.orig/spebase/default_c99_handler.c
+++ libspe2/spebase/default_c99_handler.c
@@ -132,6 +132,8 @@ enum {
#define SPE_FOPEN_MAX (FOPEN_MAX+1)
#define SPE_FOPEN_MIN 4
+#define SPE_STDIO_BUFSIZ 1024
+
/**
* spe_FILE_ptrs - an indexed array of 'FILE *', used by SPE C99 calls.
*
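Review bot: The new SPE_STDIO_BUFSIZ define has no comment saying where 1024 comes from or what it must stay equal to. The setbuf() handler passes it as the size of a buffer that lives in SPE local store, so it has to match the buffer size the SPE-side C library assumes for setbuf(). Please add a comment naming that SPE-side constant, or take the value from a header shared with the SPE side, so the two cannot drift apart again.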
@@ -1012,8 +1014,8 @@ int default_c99_handler_setbuf(char *ls,
DEBUG_PRINTF("%s\n", __func__);
CHECK_C99_OPCODE(SETBUF);
stream = get_FILE(arg0->slot[0]);
- buf = GET_LS_PTR(arg1->slot[0]);
- setbuf(stream, buf);
+ buf = GET_LS_PTR_NULL(arg1->slot[0]);
+ setvbuf(stream, buf, buf ? _IOFBF : _IONBF, SPE_STDIO_BUFSIZ);
return 0;
}
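Review bot: In default_c99_handler_setbuf(), nothing checks that the buffer fits in local store before setvbuf(stream, buf, ..., SPE_STDIO_BUFSIZ) is called. GET_LS_PTR only masks the offset with LS_ADDR_MASK, so an SPE-supplied offset that lands in the last SPE_STDIO_BUFSIZ bytes of local store can still let PPE stdio write past the end of it. Suggest failing the call when the masked offset plus SPE_STDIO_BUFSIZ exceeds the local store size. The return value of setvbuf() is also dropped here; a DEBUG_PRINTF on failure would make a rejected buffer visible.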
@@ -1040,7 +1042,7 @@ int default_c99_handler_setvbuf(char *ls
DEBUG_PRINTF("%s\n", __func__);
CHECK_C99_OPCODE(SETVBUF);
stream = get_FILE(arg0->slot[0]);
- buf = GET_LS_PTR(arg1->slot[0]);
+ buf = GET_LS_PTR_NULL(arg1->slot[0]);
mode = arg2->slot[0];
size = arg3->slot[0];
rc = setvbuf(stream, buf, mode, size);
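Review bot: In default_c99_handler_setvbuf(), size from arg3->slot[0] is passed to setvbuf() without being checked against the space left in local store after buf, which is the same overrun class this patch fixes for setbuf(). Suggest bounding size by the local store size minus the masked offset whenever buf is non-NULL. mode from arg2->slot[0] is also forwarded unchanged, which assumes the SPE and PPE values of _IOFBF, _IOLBF and _IONBF are identical; worth confirming, given that the buffer-size constant turned out to differ.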
Index: libspe2/spebase/handler_utils.h
===================================================================
--- libspe2.orig/spebase/handler_utils.h
+++ libspe2/spebase/handler_utils.h
@@ -45,6 +45,9 @@ struct spe_reg128 {
#define GET_LS_PTR(_off) \
(void *) ((char *) ls + ((_off) & LS_ADDR_MASK))
+#define GET_LS_PTR_NULL(_off) \
+ ((_off) ? GET_LS_PTR(_off) : NULL)
+
#define DECL_0_ARGS() \
unsigned int ls_args = (opdata & 0xffffff)
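Review bot: GET_LS_PTR_NULL tests the raw _off rather than the masked offset, and it evaluates _off twice. A non-zero _off whose bits inside LS_ADDR_MASK are all zero maps to ls + 0 rather than NULL; if that is intended, a comment should say so, and should also note that local store address 0 can no longer be passed as a buffer. A static inline function in place of the macro would avoid the double evaluation.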