This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] vfprint: validate nargs and argument-based offsets

From: Paul Eggert <eggert at cs dot ucla dot edu>
To: Kees Cook <kees at outflux dot net>
Cc: libc-alpha at sourceware dot org
Date: Fri, 02 Mar 2012 12:01:57 -0800
Subject: Re: [PATCH] vfprint: validate nargs and argument-based offsets
References: <20120302185346.GE3990@outflux.net> <4F511B15.6000400@cs.ucla.edu> <20120302195320.GG3990@outflux.net>

On 03/02/2012 11:53 AM, Kees Cook wrote:
> Out of about 20 failure conditions, only 3 seem to set errno:

I don't think that's counting things correctly.  For example:

		workstart = (CHAR_T *) malloc (needed);
		if (workstart == NULL)
		  {
		    done = -1;
		    goto all_done;
		  }

This doesn't set errno directly, but it reuses the errno value that
malloc set, which is fine; and yet your 'grep' script miscounts this
as not setting errno.

> Perhaps this could be an additional patch, after vfprintf-nargs is
> committed?

Quite possibly there are other failures in vfprintf where errno is
not properly set, and these bugs could be fixed by an additional patch,
but it'd be nice if the nargs-validation patch did not introduce
a further bug in this area.

Follow-Ups:
- Re: [PATCH] vfprint: validate nargs and argument-based offsets
  - From: Kees Cook

References:
- [PATCH] vfprint: validate nargs and argument-based offsets
  - From: Kees Cook
- Re: [PATCH] vfprint: validate nargs and argument-based offsets
  - From: Paul Eggert
- Re: [PATCH] vfprint: validate nargs and argument-based offsets
  - From: Kees Cook

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]