[Rd] segfault on write.dcf with gzfile connection

Seth Falcon sfalcon at fhcrc.org
Sun Nov 27 05:02:21 CET 2005


I'm seeing a segfault on x86_64 Linux with the following code:

    desc = read.dcf("BAD")
    con = gzfile("test.gz", "wt")
    write.dcf(desc, file=con)
    close(con)    

where BAD has a long field (see below for example).  The crash happens
inside dummy_vfprintf.  I think the issue is that the va_list ap is
modified by the first vsnprintf call (connections.c:190) and the
subsequent vsprintf call (connections.c:194) gets an invalid va_list
arg.

The following patch improves things for me, but I've not tested on
other platforms.


Index: connections.c
===================================================================
--- connections.c       (revision 36434)
+++ connections.c       (working copy)
@@ -186,8 +186,11 @@
 {   
     char buf[BUFSIZE], *b = buf, *vmax = vmaxget();
     int res, usedRalloc = FALSE;
+    va_list aq;

-    res = vsnprintf(buf, BUFSIZE, format, ap);
+    va_copy(aq, ap);
+    res = vsnprintf(buf, BUFSIZE, format, aq);
+    va_end(aq);
     if(res >= BUFSIZE) { /* res is the desired output length */
        usedRalloc = TRUE;
        b = R_alloc(res + 1, sizeof(char));        
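Review bot: `va_copy(aq, ap);` is a C99 macro and the hunk uses it unconditionally, so a compiler without it will not build this file; guard it with a configure-time check and a fallback (for example `__va_copy`) before relying on it. A one-line comment above the copy saying that the first vsnprintf may leave `ap` unusable for the later call would also help, since the code itself does not explain why `aq` exists.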


And here is an example BAD file, but I'm pretty sure any DCF field
with a very long value would trigger it:


Description: The package provides and API in R to query BioMart
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
        system which produces and maintains automatic annotation on
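
Added example, not part of the original message or of R's connections.c: the format-into-a-stack-buffer-then-reallocate pattern described above, with each vsnprintf pass given its own va_copy so the second pass never sees a consumed va_list. SMALL_BUF, vformat_alloc and format_alloc are hypothetical names, and malloc stands in for R_alloc.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define SMALL_BUF 64  /* constructed size, standing in for the page's BUFSIZE */

/* Two-pass formatting into a heap string. Each v*printf call consumes the
 * va_list it is given, so every pass works on its own va_copy of ap. */
static char *vformat_alloc(const char *format, va_list ap)
{
    char small[SMALL_BUF], *out;
    va_list aq;
    int res;
    va_copy(aq, ap);                              /* pass 1 uses a copy */
    res = vsnprintf(small, sizeof small, format, aq);
    va_end(aq);
    if (res < 0)
        return NULL;                              /* output error */
    out = malloc((size_t)res + 1);
    if (out == NULL)
        return NULL;
    if ((size_t)res < sizeof small) {
        memcpy(out, small, (size_t)res + 1);      /* fitted on pass 1 */
    } else {
        va_copy(aq, ap);                          /* ap is still unconsumed */
        vsnprintf(out, (size_t)res + 1, format, aq);
        va_end(aq);
    }
    return out;
}

/* Hypothetical variadic entry point for the example. */
static char *format_alloc(const char *format, ...)
{
    va_list ap;
    char *s;
    va_start(ap, format);
    s = vformat_alloc(format, ap);
    va_end(ap);
    return s;
}

int main(void)
{
    char value[301] = {0};                        /* constructed long DCF value */
    memset(value, 'x', 300);
    char *s = format_alloc("%s: %s\n", "Description", value);
    printf("%zu bytes formatted\n", s ? strlen(s) : 0);
    free(s);
    return 0;
}
```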


