This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/17542] conditional jump depends on uninitialised value in svc_getreq_common
- From: "carlos at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Thu, 06 Nov 2014 21:53:01 +0000
- Subject: [Bug libc/17542] conditional jump depends on uninitialised value in svc_getreq_common
- Auto-submitted: auto-generated
- References: <bug-17542-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=17542
Carlos O'Donell <carlos at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |carlos at redhat dot com
--- Comment #2 from Carlos O'Donell <carlos at redhat dot com> ---
(In reply to Andreas Schwab from comment #1)
> I can't see how that can fix anything if the index is outside the bounds of
> xports.
The failure itself only happens if xprt_register is not called to register the
service, in which case the entry in xports is uninitialized.
Granted this is technically an improper use of the API, but using calloc
hardens svc_getreq_common at the cost of using calloc.
I think we should switch to calloc to allow svc_getreq_common to detect
unregistered handles and ignore them.
All of this doesn't fix the failure mode that results from changing the process
fd limit after initializing xports. Fixing that would require checking if fd
was outside of xports[] at each service check, but that cost is in the hot
path, and I'd like to avoid it.
Just a reminder that sunrpc is legacy, and new applications should be using
TIRPC.
--
You are receiving this mail because:
You are on the CC list for the bug.