open_memstream corner case

open_memstream corner case

[Maxim Storchak]

Hi,

I discovered something strange with memstream subsystem in musl: if a
stream is opened for writing with open_memstream(3) but then closed
without writing anything, neither buffer pointer, nor buffer size gets
updated. I compared source code of glibc, uClibc and musl and discovered
that both uClibc and musl update buffer size on write, while glibc does
that on fclose or fsync, both of which is fine, according to
memstream(3) man page. While both uClibc and musl behave the same if
something is written to the buffer, they differ if no write happens. On
initialization uClibc sets buffer size to 0, and musl leaves it intact.
In case of no write it doesn't get updated and contains garbage. Here is
my test case:

#include <stdio.h>
#include <stdlib.h>
int main() {
        FILE *f;
        size_t size=-42; /* garbage */
        char *buf="garbage";
        printf("Initially: size=%ld, buf=%s\n", size, buf);
        if ( (f=open_memstream(&buf, &size)) == NULL ) {
                perror("open_memstream");
                exit(0);
        }
        fclose(f);
        printf("After writing nothing to buffer: size=%ld, buf=%s\n",
size, buf);
        if ( (f=open_memstream(&buf, &size)) == NULL ) {
                perror("open_memstream");
                exit(0);
        }
        fprintf(f, "something completely different");
        fclose(f);
        printf("After writing something to buffer: size=%ld, buf=%s\n",
size, buf);
        exit(0);
}

musl:
Initially: size=-42, buf=garbage
After writing nothing to buffer: size=-42, buf=garbage
After writing something to buffer: size=30, buf=something completely
different

glibc:
Initially: size=-42, buf=garbage
After writing nothing to buffer: size=0, buf=
After writing something to buffer: size=30, buf=something completely
different

(I'm sorry for providing no example for uClibc, but the program where I
found that use case used to work with uClibc but not musl).

Could anyone please comment if where's a bug in musl or in my test case?

-- 
Best regards,
Maxim Storchak
mailto:m.storchak@gmail.com

Re: open_memstream corner case

[Rich Felker]

On Tue, Oct 06, 2015 at 04:52:58PM +0300, Maxim Storchak wrote:
> Hi,
> 
> I discovered something strange with memstream subsystem in musl: if a
> stream is opened for writing with open_memstream(3) but then closed
> without writing anything, neither buffer pointer, nor buffer size gets
> updated. I compared source code of glibc, uClibc and musl and discovered
> that both uClibc and musl update buffer size on write, while glibc does
> that on fclose or fsync, both of which is fine, according to
> memstream(3) man page. While both uClibc and musl behave the same if
> something is written to the buffer, they differ if no write happens. On
> initialization uClibc sets buffer size to 0, and musl leaves it intact.
> In case of no write it doesn't get updated and contains garbage. Here is
> my test case:

Thank you for the detailed report and test case. The bug should now be
fixed by commit 7b9f57f207b51132f188f750161953b7baf32154. Please let
me know if any problems remain or if you find other issues.

Here is the commit link in case you want to apply it manually to an
older version:

http://git.musl-libc.org/cgit/musl/commit/?id=7b9f57f207b51132f188f750161953b7baf32154

Rich

Re: open_memstream corner case

[Maxim Storchak]

On 10/9/15 01:12, Rich Felker wrote:

> Thank you for the detailed report and test case. The bug should now be
> fixed by commit 7b9f57f207b51132f188f750161953b7baf32154. Please let
> me know if any problems remain or if you find other issues.
> 
> Here is the commit link in case you want to apply it manually to an
> older version:
> 
> http://git.musl-libc.org/cgit/musl/commit/?id=7b9f57f207b51132f188f750161953b7baf32154
> 
> Rich
> 

Thank you for the fix Rich,

It addresses the issue with the original program.

-- 
Best regards,
Maxim Storchak
mailto:m.storchak@gmail.com