Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160211004234.GH9349@brightrain.aerifal.cx>
Date: Wed, 10 Feb 2016 19:42:34 -0500
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: fread, fwrite with size 0

On Wed, Feb 03, 2016 at 11:39:48PM -0500, Rich Felker wrote:
> On Wed, Feb 03, 2016 at 09:53:21AM +0100, hombre wrote:
> > Hello,
> > 
> > I think that fread and fwrite does not return 0 when parameter size
> > is 0 (when nmemb is 0, it does).
> > Clib spec says: If size or nmemb is zero, fread/fwrite returns zero
> > 
> > I did the following changes to make it work:
> > 
> > fread:
> > from
> >     return nmemb;
> > to
> >     return len == 0 ? 0 : nmemb;
> > 
> > fwrite:
> > from
> >     return k == l ? nmemb : k / size;
> > to
> >     if (l == 0)
> >         return 0;
> >     else
> >         return k == l ? nmemb : k / size;
> > 
> > Regards,
> > Erwin
> 
> Thanks. Sadly the POSIX version of the text is contradictory on this:
> 
> "Upon successful completion, fread() shall return the number of
> elements successfully read which is less than nitems only if a read
> error or end-of-file is encountered. If size or nitems is 0, fread()
> shall return 0 and the contents of the array and the state of the
> stream remain unchanged."
> 
> First it says that the return value can be less than nitems only if an
> error of EOF happens, but then it gives another way the return value
> can be less than nitems (if size is 0).
> 
> Fortunately the ISO C text is not so broken and agrees with you:
> 
> "The fread function returns the number of elements successfully read,
> which may be less than nmemb if a read error or end-of-file is
> encountered. If size or nmemb is zero, fread returns zero and the
> contents of the array and the state of the stream remain unchanged."
> 
> There's another issue I want to fix here too, but I might do it in two
> commits. Thanks for the report.

I'm fixing this by adding:

	if (!size) nmemb = 0;

to the top of both functions. This is preferable because, at least for
fread, I'm also going to have to check for nmemb>=SIZE_MAX/size in
order to properly handle this case (see glibc bug 19165), and having
already ruled out size==0 (i.e. only doing the overflow check in the
'else' path for the above 'if') makes that division safe.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.