From admglz@skade.lule2.infologigruppen.se  Wed Jul 25 06:45:25 2001
Return-Path: <admglz@skade.lule2.infologigruppen.se>
Received: from skade.lule2.infologigruppen.se (unknown [213.242.135.174])
	by hub.freebsd.org (Postfix) with ESMTP id 0B47837B40F
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 25 Jul 2001 06:45:24 -0700 (PDT)
	(envelope-from admglz@skade.lule2.infologigruppen.se)
Received: (from root@localhost)
	by skade.lule2.infologigruppen.se (8.11.4/8.11.4) id f6MJfCD17465;
	Sun, 22 Jul 2001 21:41:12 +0200 (CEST)
	(envelope-from admglz)
Message-Id: <200107221941.f6MJfCD17465@skade.lule2.infologigruppen.se>
Date: Sun, 22 Jul 2001 21:41:12 +0200 (CEST)
From: goran.lowkrantz@ismobile.com
Reply-To: goran.lowkrantz@ismobile.com
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Missing pointer increment in wcsspn result in eternal loop
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         29218
>Category:       bin
>Synopsis:       Missing pointer increment in wcsspn result in eternal loop
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    des
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jul 25 06:50:00 PDT 2001
>Closed-Date:    Tue Nov 27 05:37:49 PST 2001
>Last-Modified:  Tue Nov 27 05:39:32 PST 2001
>Originator:     Goran Lowkrantz
>Release:        FreeBSD 4.3-STABLE i386
>Organization:
isMobile AB
>Environment:
System: FreeBSD skade.lule2.infologigruppen.se 4.3-STABLE FreeBSD 4.3-STABLE #3: Fri Jul 20 22:45:53 CEST 2001 root@midgard.lule2.infologigruppen.se:/usr/src/sys/compile/SKADE i386

>Description:
In the libc function wcsspn, the search set pointer is not incremented. As a result, any call to this function results in an eternal loop.

>How-To-Repeat:
#include <cwchar>
#include <iostream>

int main(int argc, char* argv[])
{

        wchar_t * x = L"abcdefghijkabcdefghijk";

        size_t y = wcsspn(x, L"abcdf");
        cerr << y << endl;

        y = wcsspn(x, L"mno");
        cerr << y << endl;

        return 0;
}

>Fix:
--- wcsspn.c.orig       Sun Jul 22 21:33:35 2001
+++ wcsspn.c    Sun Jul 22 21:28:45 2001
@@ -50,6 +50,7 @@
                while (*q) {
                        if (*p == *q)
                                break;
+                       ++q;
                }
                if (!*q)
                        goto done;

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: des 
State-Changed-When: Sat Nov 10 09:37:09 PST 2001 
State-Changed-Why:  
Fixed in -CURRENT. 


Responsible-Changed-From-To: freebsd-bugs->des 
Responsible-Changed-By: des 
Responsible-Changed-When: Sat Nov 10 09:37:09 PST 2001 
Responsible-Changed-Why:  
I'll handle the MFC. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=29218 
State-Changed-From-To: feedback->closed 
State-Changed-By: des 
State-Changed-When: Tue Nov 27 05:37:49 PST 2001 
State-Changed-Why:  
MFCed. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=29218 
>Unformatted:
