From 0ed64da963f10fa18a9f0e4bde812930bcdb364d Mon Sep 17 00:00:00 2001 From: Ivan Grokhotkov Date: Wed, 23 Aug 2017 01:07:03 +0800 Subject: [PATCH] console: initialize buf_size before calling open_memstream POSIX open_memstream documentation [1] does not mention that it may use the value supplied in buf_size before the call. newlib implementation of open_memstream does use it as a hint of the buffer size [2]. To avoid using potential garbage in this variable, newlib caps the size to 64kB (!). If the allocation of this initial buffer fails, NULL file pointer is returned. Previous code did not check returned file pointer and crashed when it was used. Initialize size to zero (in which case newlib allocates a 64 byte buffer), and check the returned file pointer. [1] http://pubs.opengroup.org/onlinepubs/9699919799/functions/open_memstream.html [2] https://github.com/espressif/newlib-esp32/blob/23c0f21/newlib/libc/stdio/open_memstream.c#L26-L29 https://github.com/espressif/newlib-esp32/blob/23c0f21/newlib/libc/stdio/open_memstream.c#L324-L336 --- components/console/commands.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/components/console/commands.c b/components/console/commands.c index a451584d56..dfcbf450c1 100644 --- a/components/console/commands.c +++ b/components/console/commands.c @@ -105,11 +105,13 @@ esp_err_t esp_console_cmd_register(const esp_console_cmd_t *cmd) asprintf(&item->hint, " %s", cmd->hint); } else if (cmd->argtable) { /* Generate hint based on cmd->argtable */ - char* buf; - size_t buf_size; + char* buf = NULL; + size_t buf_size = 0; FILE* f = open_memstream(&buf, &buf_size); - arg_print_syntax(f, cmd->argtable, NULL); - fclose(f); + if (f != NULL) { + arg_print_syntax(f, cmd->argtable, NULL); + fclose(f); + } item->hint = buf; } item->argtable = cmd->argtable;