This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/14752] Unsafe use of alloca in shm_open
- From: "neleai at seznam dot cz" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Mon, 06 May 2013 08:24:12 +0000
- Subject: [Bug libc/14752] Unsafe use of alloca in shm_open
- Auto-submitted: auto-generated
- References: <bug-14752-131 at http dot sourceware dot org/bugzilla/>
http://sourceware.org/bugzilla/show_bug.cgi?id=14752
--- Comment #3 from Ondrej Bilka <neleai at seznam dot cz> 2013-05-06 08:24:12 UTC ---
On Sun, May 05, 2013 at 03:17:54PM +0000, bugdal at aerifal dot cx wrote:
> http://sourceware.org/bugzilla/show_bug.cgi?id=14752
>
> --- Comment #2 from Rich Felker <bugdal at aerifal dot cx> 2013-05-05 15:17:54 UTC ---
> Well despite the standard not requiring it, it may be nice to provide a
> shm_open which is async-signal-safe. Using malloc would preclude that. Limiting
> the buffer length to NAME_MAX+sizeof("/dev/shm/") should work just as well.
>
Then bug is in not checking size. You can add test if it is more than
PATH_MAX and set errno to ENAMETOOLONG. Alloca will run fine.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.