Skip to content

Commit 2b71270

Browse files
RABijlRABijl
committed
misc: fix dangling pointer in printf_buffer
also includes fixing uint to int conversion warning and some other clang tidy warnings.
1 parent 50f7357 commit 2b71270

File tree

1 file changed

+11
-14
lines changed

1 file changed

+11
-14
lines changed

lib/CL/devices/printf_buffer.c

+11-14
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,6 @@
3030
#include "printf_base.h"
3131

3232
#include <assert.h>
33-
#include <stdarg.h>
3433
#include <stdio.h>
3534
#include <string.h>
3635
#include <unistd.h>
@@ -145,23 +144,18 @@ DEFINE_PRINT_FLOATS (double)
145144
/**************************************************************************/
146145

147146
#define FORWARD_BUFFER(SIZE) \
148-
buffer += SIZE; \
149-
if (buffer_size < SIZE) \
147+
buffer += (SIZE); \
148+
if (buffer_size < (SIZE)) \
150149
{ \
151150
POCL_MSG_ERR ( \
152151
"printf error: exhausted arguments before format string end\n"); \
153152
return -1; \
154153
} \
155-
buffer_size -= SIZE;
154+
buffer_size -= (SIZE);
156155

157156
uint32_t
158157
__pocl_printf_format_full (param_t *p, char *buffer, uint32_t buffer_size)
159158
{
160-
161-
char bf[BUFSIZE];
162-
for (unsigned i = 0; i < BUFSIZE; ++i)
163-
bf[i] = 0;
164-
p->bf = bf;
165159
char ch = 0;
166160

167161
/* fetch & decode the control dword */
@@ -365,7 +359,7 @@ __pocl_printf_format_full (param_t *p, char *buffer, uint32_t buffer_size)
365359
DEBUG_PRINTF (("[printf:precision=%d]\n", precision));
366360

367361
/* Vector specifier */
368-
uint32_t vector_length = 0;
362+
int32_t vector_length = 0;
369363
if (ch == 'v')
370364
{
371365
ch = *format++;
@@ -377,7 +371,7 @@ __pocl_printf_format_full (param_t *p, char *buffer, uint32_t buffer_size)
377371
"printf error: vector-length is zero\n");
378372
return -1;
379373
}
380-
if (vector_length > (UINT32_MAX - 9) / 10)
374+
if (vector_length < 0)
381375
{
382376
POCL_MSG_ERR (
383377
"printf error: vector-length overflow\n");
@@ -391,7 +385,7 @@ __pocl_printf_format_full (param_t *p, char *buffer, uint32_t buffer_size)
391385
|| vector_length == 16))
392386
{
393387
POCL_MSG_ERR (
394-
"printf error: unrecognize vector length (%u)\n",
388+
"printf error: unrecognized vector length (%d)\n",
395389
vector_length);
396390
return -1;
397391
}
@@ -608,8 +602,8 @@ __pocl_printf_format_full (param_t *p, char *buffer, uint32_t buffer_size)
608602
return -1;
609603
}
610604
DEBUG_PRINTF (("[printf:char4]\n"));
611-
bf[0] = (char)*buffer;
612-
bf[1] = 0;
605+
p->bf[0] = (char)*buffer;
606+
p->bf[1] = 0;
613607
/* char is always promoted to int32 */
614608
FORWARD_BUFFER (sizeof (int32_t));
615609
__pocl_printf_putchw (p);
@@ -749,6 +743,9 @@ void
749743
pocl_flush_printf_buffer (char *buffer, uint32_t buffer_size)
750744
{
751745
param_t p = { 0 };
746+
char bf[BUFSIZE];
747+
memset (bf, 0, BUFSIZE);
748+
p.bf = bf;
752749

753750
char result[IMM_FLUSH_BUFFER_SIZE];
754751
p.printf_buffer = result;

0 commit comments

Comments
 (0)