WireGuard implementation for the OpenBSD kernel https://git.zx2c4.com/wireguard-openbsd/atom/lib/libc/stdio/vfprintf.c?h=jd%2Fqueueboosts 2017-11-21T17:48:19Z 2017-11-21T17:48:19Z tb tb@openbsd.org 2017-11-21T17:48:19Z urn:sha1:66470849db1007dcbdfe04cf560534d0286524da using mbrtowc(3). Thus, we now treat the format string as a bytestring, not as a multibyte character string. We think that ANSI C made a small error when adding wide characters: The committees essentially replaced "characters" with "wide characters" in the existing printf documentation, which was written before the concept of processing was established. Doing processing on the format string would break some 8-bit format strings in the wild, and that isn't something these committees gave themselves license to do. Based on the "10x printf speedup" commit from android found by tedu: https://github.com/aosp-mirror/platform_bionic/commit/5305a4d4a723b06494b93f2df81733b83a0c46d3 Thanks to millert and schwarze for digging into the history and testing *printf behavior on other platforms. ok deraadt, millert 2016-08-29T12:20:57Z millert millert@openbsd.org 2016-08-29T12:20:57Z urn:sha1:5b28eaf2b71894219cdbc646b8fc6de656ef741f OK schwarze@ 2016-08-27T16:10:40Z millert millert@openbsd.org 2016-08-27T16:10:40Z urn:sha1:b3e86db50598b6bdbfee08b867c2e335e2ead080 to determine the length instead of doing it manually. OK schwarze@ 2016-08-17T22:15:08Z tedu tedu@openbsd.org 2016-08-17T22:15:08Z urn:sha1:1e29e77683c3ed1314184cdcfa91e9a6513a0e98 2016-08-17T18:07:07Z deraadt deraadt@openbsd.org 2016-08-17T18:07:07Z urn:sha1:a469cbf7dce3ab124fc08b7ded7326d947f018b2 Over time we can repair software which performs this non-standard behaviour, and fix bugs along the way. Let's first find out how bad the situation is by deploying this in snapshots. This type of logging is possible because OpenBSD syslog_r(3) -> sendsyslog(2) is side-effect free enough to be used in the bowels of libc. ok tedu 2016-06-06T17:22:59Z millert millert@openbsd.org 2016-06-06T17:22:59Z urn:sha1:6aecfbc88758946162288af18e71fe549477ef7a 2016-01-19T18:22:53Z mmcc mmcc@openbsd.org 2016-01-19T18:22:53Z urn:sha1:09c898c053fe87ef821d997fc547f8fdb43cd781 ok millert@ 2016-01-04T15:47:47Z schwarze schwarze@openbsd.org 2016-01-04T15:47:47Z urn:sha1:69f9b3e2a7baba62dc3e7158b140a66dc2aa605d 1. When fprintf(fp, "...%ls...", ...) encounters an encoding error, do not destroy all the fp->_flags, which made the file permanently unreadable and unwriteable. 2. Do not change fp->_flags at all in case of encoding errors. Neither the manual nor POSIX ask for it, no other conversions set the error indicator, and it isn't needed because the return value reports failure and must be checked anyway. 3. Detect failure in mbrtowc(3), do not silently treat invalid bytes in the format string as the end of the format string. 4. Detect failure of __find_arguments(), no matter whether due to out of memory conditions or encoding errors, and gracefully fail rather than accessing an invalid pointer. 5. Remove the pointless and slightly dangerous errno = EILSEQ overrides after functions that already do that and are required by the standard to do so. OK jca@ on items 1, 2, and 5. OK millert@ on the complete diff. "Completely brutal mix of bugs." deraadt@ 2015-12-28T22:08:18Z mmcc mmcc@openbsd.org 2015-12-28T22:08:18Z urn:sha1:b4c66e9d35799de272ab90c8189d8cc311f97053 ok and valuable input from millert@ 2015-09-29T03:19:23Z guenther guenther@openbsd.org 2015-09-29T03:19:23Z urn:sha1:09264c8b08941585fe9309bce5a1fc008be97421 ok millert@