MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf()

Most modern platforms don't touch the output buffer when the size
argument is null, but there exist a few old ones (like AIX 5 and
possibly Tru64) where the output will be dereferenced anyway, probably
to write the trailing null, crashing the process. memprintf() uses this
to measure the desired length.

There is a very simple workaround to this consisting in passing a pointer
to a character instead of a NULL pointer. It was confirmed to fix the issue
on AIX 5.1.

diff --git a/src/standard.c b/src/standard.c
index 03072b96b906781858056b3074d8bb5862fecc88..09bc155136d11b3734b33ccb71ed8aa41d011108 100644 (file)
--- a/src/standard.c
+++ b/src/standard.c
@@ -3577,12 +3577,14 @@ char *memvprintf(char **out, const char *format, va_list orig_args)
                return NULL;
 
        do {
+               char buf1;
+
                /* vsnprintf() will return the required length even when the
                 * target buffer is NULL. We do this in a loop just in case
                 * intermediate evaluations get wrong.
                 */
                va_copy(args, orig_args);
-               needed = vsnprintf(ret, allocated, format, args);
+               needed = vsnprintf(ret ? ret : &buf1, allocated, format, args);
                va_end(args);
                if (needed < allocated) {
                        /* Note: on Solaris 8, the first iteration always