Add calls to va_copy and va_end to fix UB in sfprintf (#850)

Using the same `va_list` multiple times is UB, and we should call
`va_copy` before each use instead. We also need to call `va_end`.

(Pulling this out from the #828 because it was reverted).

---------

Co-authored-by: rv-jenkins <[email protected]>

nix/llvm-backend-matching.mavenix.lock

@@ -246,15 +246,15 @@
       "sha1": "fdec6f2d2514787039928bcb781f9e67f4738899"
     },
     {
-      "path": "com/runtimeverification/k/kore/1.0-SNAPSHOT/kore-1.0-20230929.174637-28.jar",
-      "sha1": "eb69f46a691abd910e46a6f37b721066e9adc804"
+      "path": "com/runtimeverification/k/kore/1.0-SNAPSHOT/kore-1.0-20230930.025149-29.jar",
+      "sha1": "04972642a285d27d20767761d593840798a5ffd5"
     },
     {
-      "path": "com/runtimeverification/k/kore/1.0-SNAPSHOT/kore-1.0-20230929.174637-28.pom",
+      "path": "com/runtimeverification/k/kore/1.0-SNAPSHOT/kore-1.0-20230930.025149-29.pom",
       "sha1": "2706d868319a03bc491350cb3a1af0927ef1a839"
     },
     {
-      "path": "com/runtimeverification/k/parent/1.0-SNAPSHOT/parent-1.0-20230929.174609-28.pom",
+      "path": "com/runtimeverification/k/parent/1.0-SNAPSHOT/parent-1.0-20230930.025126-29.pom",
       "sha1": "62b92746f9104b7966075e98dc7b69c44475c72c"
     },
     {
@@ -5337,11 +5337,11 @@
   "groupId": "com.runtimeverification.k",
   "metas": [
     {
-      "content": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<metadata modelVersion=\"1.1.0\">\n  <groupId>com.runtimeverification.k</groupId>\n  <artifactId>kore</artifactId>\n  <version>1.0-SNAPSHOT</version>\n  <versioning>\n    <snapshot>\n      <timestamp>20230929.174637</timestamp>\n      <buildNumber>28</buildNumber>\n    </snapshot>\n    <lastUpdated>20230929174637</lastUpdated>\n    <snapshotVersions>\n      <snapshotVersion>\n        <extension>jar</extension>\n        <value>1.0-20230929.174637-28</value>\n        <updated>20230929174637</updated>\n      </snapshotVersion>\n      <snapshotVersion>\n        <extension>pom</extension>\n        <value>1.0-20230929.174637-28</value>\n        <updated>20230929174637</updated>\n      </snapshotVersion>\n    </snapshotVersions>\n  </versioning>\n</metadata>",
+      "content": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<metadata modelVersion=\"1.1.0\">\n  <groupId>com.runtimeverification.k</groupId>\n  <artifactId>kore</artifactId>\n  <version>1.0-SNAPSHOT</version>\n  <versioning>\n    <snapshot>\n      <timestamp>20230930.025149</timestamp>\n      <buildNumber>29</buildNumber>\n    </snapshot>\n    <lastUpdated>20230930025149</lastUpdated>\n    <snapshotVersions>\n      <snapshotVersion>\n        <extension>jar</extension>\n        <value>1.0-20230930.025149-29</value>\n        <updated>20230930025149</updated>\n      </snapshotVersion>\n      <snapshotVersion>\n        <extension>pom</extension>\n        <value>1.0-20230930.025149-29</value>\n        <updated>20230930025149</updated>\n      </snapshotVersion>\n    </snapshotVersions>\n  </versioning>\n</metadata>",
       "path": "com/runtimeverification/k/kore/1.0-SNAPSHOT"
     },
     {
-      "content": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<metadata modelVersion=\"1.1.0\">\n  <groupId>com.runtimeverification.k</groupId>\n  <artifactId>parent</artifactId>\n  <version>1.0-SNAPSHOT</version>\n  <versioning>\n    <snapshot>\n      <timestamp>20230929.174609</timestamp>\n      <buildNumber>28</buildNumber>\n    </snapshot>\n    <lastUpdated>20230929174609</lastUpdated>\n    <snapshotVersions>\n      <snapshotVersion>\n        <extension>pom</extension>\n        <value>1.0-20230929.174609-28</value>\n        <updated>20230929174609</updated>\n      </snapshotVersion>\n    </snapshotVersions>\n  </versioning>\n</metadata>",
+      "content": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<metadata modelVersion=\"1.1.0\">\n  <groupId>com.runtimeverification.k</groupId>\n  <artifactId>parent</artifactId>\n  <version>1.0-SNAPSHOT</version>\n  <versioning>\n    <snapshot>\n      <timestamp>20230930.025126</timestamp>\n      <buildNumber>29</buildNumber>\n    </snapshot>\n    <lastUpdated>20230930025126</lastUpdated>\n    <snapshotVersions>\n      <snapshotVersion>\n        <extension>pom</extension>\n        <value>1.0-20230930.025126-29</value>\n        <updated>20230930025126</updated>\n      </snapshotVersion>\n    </snapshotVersions>\n  </versioning>\n</metadata>",
       "path": "com/runtimeverification/k/parent/1.0-SNAPSHOT"
     }
   ],

runtime/util/ConfigurationPrinter.cpp

@@ -90,30 +90,40 @@ void sfprintf(writer *file, const char *fmt, ...) {
   } else {
     char buf[8192];
     char *finalBuf = buf;
+    va_list args_copy;
+    va_copy(args_copy, args);
     int res = vsnprintf(
         buf + sizeof(blockheader), sizeof(buf) - sizeof(blockheader), fmt,
         args);
     if (res >= sizeof(buf) - sizeof(blockheader)) {
       size_t size = sizeof(buf) * 2;
       finalBuf = (char *)malloc(size);
       memcpy(finalBuf, buf, sizeof(buf));
+      va_list args_temp;
+      va_copy(args_temp, args_copy);
       res = vsnprintf(
           finalBuf + sizeof(blockheader), size - sizeof(blockheader), fmt,
-          args);
+          args_temp);
+      va_end(args_temp);
       if (res >= size - sizeof(blockheader)) {
         do {
           size *= 2;
           finalBuf = (char *)realloc(finalBuf, size);
+          va_list args_temp;
+          va_copy(args_temp, args_copy);
           res = vsnprintf(
               finalBuf + sizeof(blockheader), size - sizeof(blockheader), fmt,
-              args);
+              args_temp);
+          va_end(args_temp);
         } while (res >= size - sizeof(blockheader));
       }
     }
+    va_end(args_copy);
     string *str = (string *)finalBuf;
     init_with_len(str, res);
     hook_BUFFER_concat(file->buffer, str);
   }
+  va_end(args);
 }
 
 void printComma(writer *file, void *state) {