Fixed <stdio.h> file and dereferencing bugs by ZERICO2005 · Pull Request #807 · CE-Programming/toolchain

ZERICO2005 · 2026-06-19T17:15:32Z

Fixed the following issues:

[P2] clearerr indexes file streams off by one: src/libc/clearerr.c:13. fopen stores slot 1 at _file_streams[0], but clearerr uses _file_streams[stream->slot]; slot 5 writes past FOPEN_MAX.
[P2] fread(stdin, ...) reports full success after EOF/partial reads: src/libc/fread.c:20. The loop stops on EOF but returns count unconditionally instead of completed elements.
[P2] fwrite(stdout, size=0, ...) divides by zero: src/libc/fwrite.c:17. For zero-sized writes, the loop does nothing, then returns num / size.

Also fixed:

Dereferencing FILE * stream when it is NULL, stdin, stdout, or stderr.
return value for fseek and ftell

ZERICO2005 · 2026-06-19T17:16:33Z


 size_t fwrite(const void *__restrict ptr, size_t size, size_t count, FILE *__restrict stream);

-long int ftell(FILE *stream) __attribute__((__warn_unused_result__));


long int is archaic, so I have replaced it with just plain long.

ZERICO2005 · 2026-06-19T17:17:45Z

+    uint8_t index = stream->slot - 1;
+    _file_streams[index].eof = 0;
+    _file_streams[index].err = 0;


fixed off by one error, since stream->slot is 1-indexed instead of 0-indexed

ZERICO2005 · 2026-06-19T17:18:38Z


-    _file_streams[slot - 1].slot = 0;
-
    int status = ti_Close(slot);


Only closing the file in libc if and only if fileioc was able to successfully close the file

ZERICO2005 · 2026-06-19T17:19:38Z

+    if (stream == NULL || stream == stdin || stream == stdout || stream == stderr)
+    {
+        return 0;
+    }


We cannot dereference stream if it is NULL, stdin, stdout, or stderr

ZERICO2005 · 2026-06-19T17:20:33Z

+
    if (c == EOF)
    {
        stream->eof = 1;


I fixed things so stdin, stdout, and stderr are not dereferenced here

ZERICO2005 · 2026-06-19T17:21:47Z

+        size_t bytes_read = 0;

-        for (; len > 0; len--)
+        for (; len --> 0;)


This is a more common idiom for writing the decrementing count

No it fucking isn't

ZERICO2005 · 2026-06-19T17:22:22Z

    }
-
-    return ti_Seek((int)offset, origin, stream->slot);
+    return (ti_Seek((int)offset, origin, stream->slot) == EOF) ? -1 : 0;


fseek returns 0 on success and non-zero otherwise

ZERICO2005 · 2026-06-19T17:23:08Z

    // ti_Tell shouldn't return a value greater than OS_VAR_MAX_SIZE (65512) unless an error occurs
    uint16_t ret = ti_Tell(stream->slot);
    // Convert a result of UINT16_MAX to -1L, leaving other results the same
-    return ((uint16_t)ret + 1) - 1L;


This had an integer promotion bug. (uint16_t)ret + 1 results in int, not uint16_t

ZERICO2005 · 2026-06-19T17:25:18Z

+    C(fseek(file, 0, SEEK_END) == 0);
    int file_size = ftell(file);
-    fseek(file, 0, SEEK_SET);
+    C(fseek(file, 0, SEEK_SET) == 0);


Added some basic return value checks. Mostly important fseek since it returned the wrong value prior.

Fixed <stdio.h> file and dereferencing bugs

78c0cb8

ZERICO2005 added the libc label Jun 19, 2026

ZERICO2005 commented Jun 19, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Fixed <stdio.h> file and dereferencing bugs#807

Fixed <stdio.h> file and dereferencing bugs#807
ZERICO2005 wants to merge 1 commit into
masterfrom
stdio_patch

ZERICO2005 commented Jun 19, 2026 •

edited

Loading

Uh oh!

ZERICO2005 Jun 19, 2026

Uh oh!

ZERICO2005 Jun 19, 2026

Uh oh!

ZERICO2005 Jun 19, 2026

Uh oh!

ZERICO2005 Jun 19, 2026

Uh oh!

ZERICO2005 Jun 19, 2026

Uh oh!

ZERICO2005 Jun 19, 2026

Uh oh!

mateoconlechuga Jun 19, 2026

Uh oh!

ZERICO2005 Jun 19, 2026

Uh oh!

ZERICO2005 Jun 19, 2026

Uh oh!

ZERICO2005 Jun 19, 2026

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

2 participants


		size_t fwrite(const void __restrict ptr, size_t size, size_t count, FILE __restrict stream);

		long int ftell(FILE *stream) __attribute__((__warn_unused_result__));


		_file_streams[slot - 1].slot = 0;

		int status = ti_Close(slot);

Uh oh!

Conversation

ZERICO2005 commented Jun 19, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

2 participants

ZERICO2005 commented Jun 19, 2026 •

edited

Loading