From: Rich Felker <dalias@libc.org>
To: musl@lists.openwall.com
Subject: Further wide stdio issues [Was: Re: [PATCH] fix fgetwc when decoding a character that crosses buffer boundary]
Date: Sun, 19 Nov 2017 20:48:53 -0500 [thread overview]
Message-ID: <20171120014853.GI1627@brightrain.aerifal.cx> (raw)
In-Reply-To: <20171118165148.GF15263@port70.net>
On Sat, Nov 18, 2017 at 05:51:48PM +0100, Szabolcs Nagy wrote:
> Update the buffer position according to the bytes consumed into st when
> decoding an incomplete character at the end of the buffer.
Further related problems:
1. fgetws is unable to accurately determine whether fgetwc failed due
to hitting EOF on a clean stream vs hitting EOF in the middle of a
truncated character. The latter is an EILSEQ condition and should
cause fgetws to return a null pointer rather than a line not ending
in newline.
2. fgetwc attempts to leave all but the first byte unread on EILSEQ so
that calling fgetwc again will resync, but doesn't do this
consistently when it has to call getc_unlocked to get new bytes
rather than reading from the buffer.
I think (1) can be fixed in an ugly way by setting errno to something
other than EILSEQ before calling fgetwc, then checking if EILSEQ upon
failure.
As for (2), it's not fixable without some pushback (ungetc). I'm not
sure if pushback here on an unbuffered stream is even conforming; if
not, no fix is possible, which is quite unfortunate because it makes
it impossible to resync after error. Assuming pushback is acceptable,
however, we'd still need up to MB_LEN_MAX-1 bytes of pushback to give
the same behavior as the buffered case now. It might be better to have
both the buffered and unbuffered cases consume as many bytes as yield
(size_t)-2 from mbrtowc (i.e. as many as would be a prefix of a valid
character) and only leave unread (pushed back) the first byte that
determines failure (which could be invalid itself, or the first byte
of the next valid character). This would require slightly more work in
the buffered case, but it could instead be handled by just falling
through to the slow unbuffered-case loop, with st reset to {0} and
without advancing the buffer position, when mbrtowc fails. In fact
then we could even use mbtowc instead of mbrtowc in the fast path,
making it slightly faster.
Thoughts?
Rich
next prev parent reply other threads:[~2017-11-20 1:48 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-18 16:51 [PATCH] fix fgetwc when decoding a character that crosses buffer boundary Szabolcs Nagy
2017-11-19 1:12 ` Rich Felker
2017-11-19 1:14 ` Rich Felker
2017-11-20 1:48 ` Rich Felker [this message]
2017-11-20 19:28 ` Further wide stdio issues [Was: Re: [PATCH] fix fgetwc when decoding a character that crosses buffer boundary] Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171120014853.GI1627@brightrain.aerifal.cx \
--to=dalias@libc.org \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).