From: Ivan Grokhotkov Date: Tue, 22 Aug 2017 17:07:03 +0000 (+0800) Subject: console: initialize buf_size before calling open_memstream X-Git-Tag: v3.1-dev~371^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0ed64da963f10fa18a9f0e4bde812930bcdb364d;p=esp-idf console: initialize buf_size before calling open_memstream POSIX open_memstream documentation [1] does not mention that it may use the value supplied in buf_size before the call. newlib implementation of open_memstream does use it as a hint of the buffer size [2]. To avoid using potential garbage in this variable, newlib caps the size to 64kB (!). If the allocation of this initial buffer fails, NULL file pointer is returned. Previous code did not check returned file pointer and crashed when it was used. Initialize size to zero (in which case newlib allocates a 64 byte buffer), and check the returned file pointer. [1] http://pubs.opengroup.org/onlinepubs/9699919799/functions/open_memstream.html [2] https://github.com/espressif/newlib-esp32/blob/23c0f21/newlib/libc/stdio/open_memstream.c#L26-L29 https://github.com/espressif/newlib-esp32/blob/23c0f21/newlib/libc/stdio/open_memstream.c#L324-L336 --- diff --git a/components/console/commands.c b/components/console/commands.c index a451584d56..dfcbf450c1 100644 --- a/components/console/commands.c +++ b/components/console/commands.c @@ -105,11 +105,13 @@ esp_err_t esp_console_cmd_register(const esp_console_cmd_t *cmd) asprintf(&item->hint, " %s", cmd->hint); } else if (cmd->argtable) { /* Generate hint based on cmd->argtable */ - char* buf; - size_t buf_size; + char* buf = NULL; + size_t buf_size = 0; FILE* f = open_memstream(&buf, &buf_size); - arg_print_syntax(f, cmd->argtable, NULL); - fclose(f); + if (f != NULL) { + arg_print_syntax(f, cmd->argtable, NULL); + fclose(f); + } item->hint = buf; } item->argtable = cmd->argtable;