Re: [PATCH] vasnprintf: fix potential use after free

From: Eric Blake
Subject: Re: [PATCH] vasnprintf: fix potential use after free
Date: Mon, 08 Dec 2014 08:24:01 -0700

On 12/07/2014 07:29 PM, Paul Eggert wrote:
> Pádraig Brady wrote:
>> BTW if free() may reset errno on some platforms then it's
>> probably worth augmenting the gnulib free() wrapper
>> to restore errno if needed,
> The documented GNU behavior for 'free' allows 'free' to set errno,
> right?  So why should the corresponding gnulib wrapper guarantee
> behavior above and beyond what GNU implements?

Only implicitly (basically, any function that does not explicitly state
that errno is left unchanged is free to change errno as a side effect on
success).  But the POSIX proposal is that free should be one of the
functions that guarantees that errno can't be clobbered on success; and
GNU should probably implement that now rather than waiting a few years
for the POSIX proposal to become standardized.

> It might make sense to have a variant of 'free' that preserves errno,
> but we should probably give the variant a different name.  'noerr_free',
> say.

I'm not sure a variant is needed; if we can get glibc to guarantee the
POSIX proposal now, then we would merely be guaranteeing sane behavior
on all platforms.
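
The error path this thread is concerned with, as an added example that is not part of the original message or of gnulib: a failing call sets errno, cleanup frees a buffer, and the caller then reads errno. `clobbering_free`, the `dealloc` parameter, `errno_after_failed_open` and the sample path are assumptions made for the illustration; `noerr_free` borrows the name floated above.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <unistd.h>

/* Constructed stand-in for a platform whose free() clobbers errno on
   success, so the effect is reproducible anywhere. */
static void clobbering_free(void *p)
{
    free(p);
    errno = 0;
}

/* Errno-preserving wrapper (name taken from the thread). 'dealloc' is a
   hypothetical parameter that lets this example inject the stand-in
   above; a real wrapper would call free() directly. */
static void noerr_free(void *p, void (*dealloc)(void *))
{
    int saved_errno = errno;
    dealloc(p);
    errno = saved_errno;
}

/* Error path: open() fails and sets errno, cleanup releases the buffer,
   and the caller then inspects errno. Returns the errno the caller sees,
   or -1 if the setup itself did not behave as expected. */
static int errno_after_failed_open(const char *path, int preserve)
{
    char *buf = malloc(4096);
    if (buf == NULL)
        return -1;
    int fd = open(path, O_RDONLY);
    if (fd >= 0) {              /* path unexpectedly exists */
        close(fd);
        free(buf);
        return -1;
    }
    if (preserve)
        noerr_free(buf, clobbering_free);
    else
        clobbering_free(buf);
    return errno;
}

int main(void)
{
    const char *missing = "/nonexistent-constructed-dir/file"; /* constructed */
    return errno_after_failed_open(missing, 1) == ENOENT ? 0 : 1;
}
```

With the unwrapped call the caller sees errno 0 and loses the reason `open()` failed; with the wrapper it still sees `ENOENT`.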

