This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [patch] Fix BZ 19165 -- overflow in fread / fwrite

From: Florian Weimer <fweimer at redhat dot com>
To: Paul Pluzhnikov <ppluzhnikov at google dot com>, Paul Eggert <eggert at cs dot ucla dot edu>
Cc: Alexander Cherepanov <ch3root at openwall dot com>, Rich Felker <dalias at libc dot org>, GLIBC Devel <libc-alpha at sourceware dot org>, "Joseph S. Myers" <joseph at codesourcery dot com>
Date: Thu, 10 Dec 2015 20:49:24 +0100
Subject: Re: [patch] Fix BZ 19165 -- overflow in fread / fwrite
Authentication-results: sourceware.org; auth=none
References: <CALoOobOpSFwNOqD2RbsSQ95+16=xWN=fTpDJZqgPGJPSXCDmEA at mail dot gmail dot com> <20151026200605 dot GI8645 at brightrain dot aerifal dot cx> <CALoOobPxCPN_Lwvc98CevgCJMwHa_9cURZsALsLeG+SPDSF+Xw at mail dot gmail dot com> <CALoOobOn9ni8FXK3W4ZGAEHSnYAEVUn10agEyC8NO62TyWg0ig at mail dot gmail dot com> <562FC0A8 dot 1080603 at openwall dot com> <CALoOobOxcxieyrfNf9Eg=wmymDyKUPZ_F+atPP+Af8dyYjez_w at mail dot gmail dot com> <5665D571 dot 3090504 at cs dot ucla dot edu> <CALoOobOm6waSvc+pS0DeNFDUq11MNL3xn0XeRNp2vVyOw7=pBA at mail dot gmail dot com>

On 12/10/2015 08:43 PM, Paul Pluzhnikov wrote:
> On Mon, Dec 7, 2015 at 10:52 AM, Paul Eggert <eggert@cs.ucla.edu> wrote:
> 
>> The above comments suggest that this patch is part of a larger maintenance
>> problem with glibc and integer overflow checking.  To simplify maintenance,
>> I suggest instead that we leave cdefs.h alone, and instead copy and include
>> gnulib's intprops.h for internal use only inside glibc, and use intprops.h's
>> macro 'INT_MULTIPLY_OVERFLOW (a, b)' instead of defining and using
>> '__umul_size_t_overflow (a, b)'.  This would simplify maintenance in the
>> long run, as it already incorporates all the above comments.  Please see:
>>
>> http://git.savannah.gnu.org/cgit/gnulib.git/tree/lib/intprops.h
> 
> Sigh. A "simple" overflow check in _IO_fread turned into a multi-month
> ordeal ...

I don't think we want to import intprops.h because it is totally opaque.

> While I agree that what you are proposing is probably better, I am not
> currently prepared to undertake that change. I'll un-assign BZ19165
> from myself instead.

Do you mind if I try to move this forward?

Thanks,
Florian

Follow-Ups:
- Re: [patch] Fix BZ 19165 -- overflow in fread / fwrite
  - From: Paul Pluzhnikov

References:
- Re: [patch] Fix BZ 19165 -- overflow in fread / fwrite
  - From: Paul Pluzhnikov
- Re: [patch] Fix BZ 19165 -- overflow in fread / fwrite
  - From: Paul Eggert
- Re: [patch] Fix BZ 19165 -- overflow in fread / fwrite
  - From: Paul Pluzhnikov

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]