Greg Schafer wrote:
> Posting here for review first:
Thanks.
> $ cat foo.c
> #include <stdio.h>
>
> static char buf[100];
> int main ()
> {
> # define LDBL80_WORDS(exponent,manthi,mantlo) { mantlo, manthi,
> exponent }
> { /* Pseudo-Infinity. */
> static union { unsigned int word[4]; long double value; } x =
> { LDBL80_WORDS (0xFFFF, 0x00000000, 0x00000000) };
> if (sprintf (buf, "%Lf", x.value) < 0)
> return 1;
> }
> return 0;
> }
It could be that the buffer that is too small is this 'buf' here, not
something in glibc. Does the buffer overflow persist if you increase
its size from 100 to 1000000, and/or if you use asprintf instead of sprintf?
Bruno
