[iphone] Add missing va_start()/va_end() around reused argument list

The ipair_tx() function uses a va_list twice (first to calculate the formatted string length before allocation, then to construct the string in the allocated buffer) but is missing the va_start() and va_end() around the second usage. This is undefined behaviour that happens to work on some build platforms. Fix by adding the missing va_start() and va_end() around the second usage of the variadic argument list. Reported-by: Andreas Hammarskjöld <andreas@2PintSoftware.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>
ipxe · Oct 24, 2023 · 115707c · 115707c
1 parent ff0f860
commit 115707c
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/src/drivers/net/iphone.c b/src/drivers/net/iphone.c
@@ -1304,7 +1304,9 @@ ipair_tx ( struct ipair *ipair, const char *fmt, ... ) {
 	memset ( hdr, 0, sizeof ( *hdr ) );
 	hdr->len = htonl ( len );
 	msg = iob_put ( iobuf, len );
+	va_start ( args, fmt );
 	vsnprintf ( msg, len, fmt, args );
+	va_end ( args );
 	DBGC2 ( ipair, "IPAIR %p transmitting:\n%s\n", ipair, msg );
 
 	/* Transmit message */