musl/src/stdio/fgets.c, branch master
musl - an implementation of the standard library for Linux-based systems

fgets: avoid arithmetic overflow when n==INT_MIN is passed
2022-10-19T18:01:32+00:00 Rich Felker dalias@aerifal.cx 2022-10-07T23:37:56+00:00 5ff3eea91fa6bdce25b3a35644433f68e076beca
performing n-- is not a safe operation for arbitrary signed input n.
only perform the decrement in the code path where the initial n is
greater than 1, and adjust the condition in the n<=1 code path to
compensate for it not having been decremented.

fix null pointer subtraction and comparison in stdio
2018-09-16T18:37:22+00:00 Rich Felker dalias@aerifal.cx 2018-09-16T17:46:46+00:00 849e7603e9004fd292a93df64dd3524025f2987a
morally, for null pointers a and b, a-b, a<b, and a>b should all be
defined as 0; however, C does not define any of them.
the stdio implementation makes heavy use of such pointer comparison
and subtraction for buffer logic, and also uses null pos/base/end
pointers to indicate that the FILE is not in the corresponding (read
or write) mode ready for accesses through the buffer.
all of the comparisons are fixed trivially by using != in place of the
relational operators, since the opposite relation (e.g. pos>end) is
logically impossible. the subtractions have been reviewed to check
that they are conditional on the stream being in the appropriate reading-
or writing-through-buffer mode, with checks added where needed.
in fgets and getdelim, the checks added should improve performance for
unbuffered streams by avoiding a do-nothing call to memchr, and should
be negligible for buffered streams.

fix multiple stdio functions' behavior on zero-length operations
2014-09-05T02:21:17+00:00 Rich Felker dalias@aerifal.cx 2014-09-05T02:21:17+00:00 6e2bb7acf42589fb7130b039d0623e2ca42503dd
previously, fgets, fputs, fread, and fwrite completely omitted locking
and access to the FILE object when their arguments yielded a zero
length read or write operation independent of the FILE state. this
optimization was invalid; it wrongly skipped marking the stream as
byte-oriented (a C conformance bug) and exposed observably missing
synchronization (a POSIX conformance bug) where one of these functions
could wrongly complete despite another thread provably holding the
lock.

suppress null termination when fgets reads EOF with no data
2014-09-05T01:37:13+00:00 Rich Felker dalias@aerifal.cx 2014-09-05T01:37:13+00:00 402611c3ba3be5b3b0486835d98e22ac7ced2722
the C standard requires that "the contents of the array remain
unchanged" in this case.
this patch also changes the behavior on read errors, but in that case
"the array contents are indeterminate", so the application cannot
inspect them anyway.

clean up stdio_impl.h
2012-11-08T21:39:41+00:00 Rich Felker dalias@aerifal.cx 2012-11-08T21:39:41+00:00 835f9f950e2f6059532bd9ab9857a856ed21a4fd
this header evolved to facilitate the extremely lazy practice of
omitting explicit includes of the necessary headers in individual
stdio source files; not only was this sloppy, but it also increased
build time.
now, stdio_impl.h is only including the headers it needs for its own
use; any further headers needed by source files are included directly
where needed.

use restrict everywhere it's required by c99 and/or posix 2008
2012-09-07T02:44:55+00:00 Rich Felker dalias@aerifal.cx 2012-09-07T02:44:55+00:00 400c5e5c8307a2ebe44ef1f203f5a15669f20347
to deal with the fact that the public headers may be used with pre-c99
compilers, __restrict is used in place of restrict, and defined
appropriately for any supported compiler. we also avoid the form
[restrict] since older versions of gcc rejected it due to a bug in the
original c99 standard, and instead use the form *restrict.

major stdio overhaul, using readv/writev, plus other changes
2011-03-28T05:14:44+00:00 Rich Felker dalias@aerifal.cx 2011-03-28T05:14:44+00:00 e3cd6c5c265cd481db6e0c5b529855d99f0bda30
the biggest change in this commit is that stdio now uses readv to fill
the caller's buffer and the FILE buffer with a single syscall, and
likewise writev to flush the FILE buffer and write out the caller's
buffer in a single syscall.
making this change required fundamental architectural changes to
stdio, so i also made a number of other improvements in the process:
- the implementation no longer assumes that further io will fail
 following errors, and no longer blocks io when the error flag is set
 (though the latter could easily be changed back if desired)
- unbuffered mode is no longer implemented as a one-byte buffer. as a
 consequence, scanf unreading has to use ungetc, so the unget buffer
 has been enlarged to hold at least 2 wide characters.
- the FILE structure has been rearranged to maintain the locations of
 the fields that might be used in glibc getc/putc type macros, while
 shrinking the structure to save some space.
- error cases for fflush, fseek, etc. should be more correct.
- library-internal macros are used for getc_unlocked and putc_unlocked
 now, eliminating some ugly code duplication. __uflow and __overflow
 are no longer used anywhere but these macros. switch to read or
 write mode is also separated so the code can be better shared, e.g.
 with ungetc.
- lots of other small things.

initial check-in, version 0.5.0
2011-02-12T05:22:29+00:00 Rich Felker dalias@aerifal.cx 2011-02-12T05:22:29+00:00 0b44a0315b47dd8eced9f3b7f31580cf14bbfc01
