msxml3: Fix varargs handling in libxml2 error callback implementation
Nikolay Sivov
nsivov at codeweavers.com
Wed Feb 15 18:15:59 CST 2012
On 2/16/2012 01:28, Marcus Meissner wrote:
> On Thu, Feb 16, 2012 at 01:55:44AM +0300, Nikolay Sivov wrote:
>> The problem is that vsnprintf() was called multiple times with same
>> va_list. Ti fix that it was necessary to get rid of some tracing
>> bits like macro-defined callback calls and a single function for all
>> kinds of error types.
>>
>> As far as I understand this problem it leads to a stack corruption
>> when va_list is used multiple time without va_start/va_end around
>> it, so it's critical to fix.
> If I remember correctly, you can even process a va_list only once
> on some platforms.
We use it that way in couple of places, so it seems to work and I can't
find a proper description or part of a standard that says it's not portable.
See winegcc/wrc for
---
char* strmake(const char* fmt, ...)
---
as an example.
That probably means vsnprintf() and similar calls were added as part
of C99 as well, so their presence implies working va_copy() is available.
Anyway calling it many times with same va_list is broken.
>
> If you need to process it multiple times, you need to create a copy
> with va_copy() first.
Yes, but that's a part of C99.
>
> Ciao, Marcus
>
More information about the wine-devel
mailing list