bug-gnulib

Re: Undefined behavior in lib/canonicalize-lgpl.c


From: Adhemerval Zanella
Subject: Re: Undefined behavior in lib/canonicalize-lgpl.c
Date: Thu, 10 Sep 2020 10:34:16 -0300
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0

On 10/09/2020 05:32, Florian Weimer wrote:
> We have received a report that the glibc realpath implementation
> exhibits undefined behavior:
> 
>   <https://sourceware.org/bugzilla/show_bug.cgi?id=26592>
> 
> In gnulib, the code is in lib/canonicalize-lgpl.c:
> 
>     234           if (!ISSLASH (dest[-1]))
>     235             *dest++ = '/';
>     236 
>     237           if (dest + (end - start) >= rpath_limit)
>     238             {
>     239               ptrdiff_t dest_offset = dest - rpath;
>     240               char *new_rpath;

I think the lib/canonicalize.c is also affected:

    204           if (!ISSLASH (dest[-1]))
    205             *dest++ = '/';
    206 
    207           if (dest + (end - start) >= rname_limit)
    208             {
    209               ptrdiff_t dest_offset = dest - rname;
    210               size_t new_size = rname_limit - rname;


On glibc side I will check if BZ#10635 is still applicable (to basically
sync gnulib and glibc implementation) and send some other realtime fixes
as well (BZ #26241, BZ #26592, and BZ #24970).
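
Added illustration, not code from gnulib, glibc or the message above: a space check written as a subtraction of two in-buffer pointers instead of the quoted `dest + (end - start) >= rname_limit`. It assumes the reported undefined behavior is that pointer addition running past the end of the buffer; `struct pathbuf` and `append_component` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable buffer; field names follow the quoted code. */
struct pathbuf { char *rname, *dest, *rname_limit; };

/* Append '/' (if needed), bytes [start, end) and a NUL; 0 on success, -1 on failure. */
static int append_component(struct pathbuf *b, const char *start, const char *end)
{
    size_t len = (size_t)(end - start);
    size_t need = len + 2;                      /* '/' + name + NUL */
    /* dest and rname_limit both lie within the allocation, so this difference
       is well defined. Adding a length to dest first can form a pointer
       beyond one-past-the-end, which is undefined even if never dereferenced. */
    size_t room = (size_t)(b->rname_limit - b->dest);
    if (room < need) {
        size_t off = (size_t)(b->dest - b->rname);
        size_t old = (size_t)(b->rname_limit - b->rname);
        if (need > SIZE_MAX - off) return -1;   /* size arithmetic would wrap */
        size_t new_size = off + need;
        if (old <= SIZE_MAX / 2 && old * 2 > new_size) new_size = old * 2;
        char *p = realloc(b->rname, new_size);
        if (!p) return -1;
        b->rname = p;                           /* rebase from offsets, not old pointers */
        b->dest = p + off;
        b->rname_limit = p + new_size;
    }
    if (b->dest == b->rname || b->dest[-1] != '/')
        *b->dest++ = '/';
    memcpy(b->dest, start, len);
    b->dest += len;
    *b->dest = '\0';
    return 0;
}

int main(void)
{
    const char *parts[] = { "usr", "local", "bin" };    /* constructed input */
    char *p = malloc(4);
    if (!p) return 1;
    struct pathbuf b = { p, p, p + 4 };
    for (size_t i = 0; i < 3; i++)
        if (append_component(&b, parts[i], parts[i] + strlen(parts[i]))) return 1;
    puts(b.rname);
    free(b.rname);
    return 0;
}
```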


