sbellon at sbellon.de
Fri Jan 2 04:42:14 PST 2004
David Marston wrote:
> Just to add to what Peter said, I don't think the setvbuf call will
> ever result in malloc(0) as do_buffer checks if the new buffer size is
> 0 before making that call.
Oh, you're right. I missed that surrounding if. Ok, it looks like the
problem is elsewhere, but weird anyway that this call then can trigger
a heap corruption that has its origin elsewhere.

Another question regarding exactly the same code in do_buffer():

  if (flag == _IOFBF || flag == _IOLBF)
    if (newbufsize == 0)
      (void) __set_errno (EINVAL);

Is it correct to set EINVAL in that case? The Single Unix Specification
v3 only talks about EBADF as possible error code from a call to