This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug libc/14752] Unsafe use of alloca in shm_open


http://sourceware.org/bugzilla/show_bug.cgi?id=14752

--- Comment #3 from Ondrej Bilka <neleai at seznam dot cz> 2013-05-06 08:24:12 UTC ---
On Sun, May 05, 2013 at 03:17:54PM +0000, bugdal at aerifal dot cx wrote:
> http://sourceware.org/bugzilla/show_bug.cgi?id=14752
> 
> --- Comment #2 from Rich Felker <bugdal at aerifal dot cx> 2013-05-05 15:17:54 UTC ---
> Well despite the standard not requiring it, it may be nice to provide a
> shm_open which is async-signal-safe. Using malloc would preclude that. Limiting
> the buffer length to NAME_MAX+sizeof("/dev/shm/") should work just as well.
>
Then bug is in not checking size. You can add test if it is more than
PATH_MAX and set errno to ENAMETOOLONG. Alloca will run fine.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]