This is the mail archive of the
gdb-prs@sources.redhat.com
mailing list for the GDB project.
gdb/656: gdb_realpath crashes on GNU/Hurd
- From: marcus at gnu dot org
- To: gdb-gnats at sources dot redhat dot com
- Date: 17 Aug 2002 21:17:47 -0000
- Subject: gdb/656: gdb_realpath crashes on GNU/Hurd
- Reply-to: marcus at gnu dot org
>Number: 656
>Category: gdb
>Synopsis: gdb_realpath crashes on GNU/Hurd
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: unassigned
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Aug 17 14:18:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: marcus@gnu.org
>Release: 5.2.1
>Organization:
>Environment:
GNU/Hurd
>Description:
Hi,
This is another crash on GNU/Hurd which has existed for some time and which I forgot about.
gdb_realpath was at some time changed to prefer realpath over canonicalize_file_name. This is bad!
First, please note that the definition of realpath() itself is bogus, and its interface is not really usable in POSIX. This is because the definition of PATH_MAX is optional, and even pathconf ("/", _PC_PATH_MAX) can return -1, meaning that there is no limit.
This is what happens on the Hurd. Now, the realpath-preferring code does an unchecked alloca on the return value of pathconf. This alloca's -1 byte (haha) and then subsequently crashes in the xstrdup function.
This has been the case since this change:
2002-03-14 Richard Henderson <rth@redhat.com>
(gdb_realpath): Prefer realpath if available and usable.
>How-To-Repeat:
For example, the "file" command will crash gdb with a segmentation fault.
>Fix:
Don't use realpath! It's broken. It cannot be made to work. When using realpath on the Hurd, there is always the danger of a buffer overflow.
Instead, use canonicalize_file_name, or realpath with a buffer of NULL (which is the recommended interface for a future POSIX version). That's why we have this feature, and this is why the code originally preferred it.
Thanks!
>Release-Note:
>Audit-Trail:
>Unformatted:
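
The failure mode and the suggested fix from the report above, as an added example in C (not GDB's code and not part of the original report). The names `path_buffer_size` and `safe_realpath` are hypothetical, and returning a copy of the input when resolution fails is an assumption of this example.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* for realpath(path, NULL) and strdup */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Turn a pathconf(_PC_PATH_MAX) result into a buffer size.
   Returns 0 when the limit is unusable (-1 means "no limit" or error),
   which is the case the report describes on GNU/Hurd. */
size_t path_buffer_size(long limit)
{
    if (limit <= 0)
        return 0;               /* never hand this to alloca or malloc */
    return (size_t)limit + 1;   /* room for the terminating NUL */
}

/* Hypothetical gdb_realpath-style helper: always returns a malloc'd
   string that the caller frees, or NULL if memory is exhausted. */
char *safe_realpath(const char *filename)
{
    /* Passing NULL lets libc size the result, so PATH_MAX is not needed. */
    char *resolved = realpath(filename, NULL);
    if (resolved != NULL)
        return resolved;
    /* Resolution failed (for example the file does not exist):
       return an unchanged copy (assumption of this example). */
    return strdup(filename);
}

int main(void)
{
    long limit = pathconf("/", _PC_PATH_MAX);
    printf("pathconf limit: %ld, usable buffer size: %zu\n",
           limit, path_buffer_size(limit));
    /* What an unchecked caller asks for when the limit is -1: */
    printf("(size_t)-1 = %zu bytes\n", (size_t)-1L);

    char *p = safe_realpath("/./");
    if (p != NULL) {
        printf("resolved: %s\n", p);
        free(p);
    }
    return 0;
}
```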