This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH v2] locale: don't crash if locale-archive contains all zeros
- From: Ondřej Bílka <neleai at seznam dot cz>
- To: Andreas Schwab <schwab at linux-m68k dot org>
- Cc: Aurelien Jarno <aurelien at aurel32 dot net>, libc-alpha at sourceware dot org, Carlos O'Donell <carlos at redhat dot com>
- Date: Tue, 3 Dec 2013 12:40:54 +0100
- Subject: Re: [PATCH v2] locale: don't crash if locale-archive contains all zeros
- Authentication-results: sourceware.org; auth=none
- References: <1385897760-24820-1-git-send-email-aurelien at aurel32 dot net> <87txeqji2q dot fsf at igel dot home>
On Tue, Dec 03, 2013 at 12:21:33PM +0100, Andreas Schwab wrote:
> Aurelien Jarno <aurelien@aurel32.net> writes:
>
> > diff --git a/locale/loadarchive.c b/locale/loadarchive.c
> > index 70136dc..f723780 100644
> > --- a/locale/loadarchive.c
> > +++ b/locale/loadarchive.c
> > @@ -274,6 +274,10 @@ _nl_load_locale_from_archive (int category, const char **namep)
> > namehashtab = (struct namehashent *) ((char *) head
> > + head->namehash_offset);
> >
> > + /* Avoid division by 0 if the file is corrupted. */
> > + if (__glibc_unlikely (head->namehash_size == 0))
> > + goto close_and_out;
> > +
> > idx = hval % head->namehash_size;
> > incr = 1 + hval % (head->namehash_size - 2);
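Review bot: the guard added before `idx = hval % head->namehash_size;` only rejects a size of 0, but the context line right after it, `incr = 1 + hval % (head->namehash_size - 2);`, still divides by zero when namehash_size is 2, so a corrupted header can fault one line later. Consider rejecting every size for which either divisor is unusable, for example `if (__glibc_unlikely (head->namehash_size <= 2))`. The visible lines also derive `namehashtab` from `head->namehash_offset` with no check in this hunk, so validating that offset against the size of the mapped file in the same place would cover more than the all-zeros case.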
>
> That won't help for head->namehash_size == 2, or any other corruptions.
>
Which is less common than a zeroed file. A proper solution would be starting
files with a magic constant, which is too late to add.
Do you have an idea to detect corruption other than changing the check to
head->namehash_size == 0 || head->namehash_size == 2
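
The following is an added example, not part of this thread and not glibc code: a structural check that rejects a header before its fields are used as divisors or pointer offsets, going beyond the two sizes discussed above by also bounding the table against the mapped length. The struct `demo_head`, the slot size `DEMO_ENTRY_SIZE` and both function names are hypothetical; only the field names `namehash_offset` and `namehash_size` come from the patch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical header holding only the two fields named in the patch;
   it does not reproduce the real locale-archive layout. */
struct demo_head {
    uint32_t namehash_offset;   /* byte offset of the hash table from head */
    uint32_t namehash_size;     /* number of slots in the hash table */
};

#define DEMO_ENTRY_SIZE 12u     /* assumed size of one slot, example only */

/* Return 1 if the header is safe for the probe sequence
   idx = hval % size; incr = 1 + hval % (size - 2); otherwise 0. */
int demo_head_ok(const struct demo_head *h, size_t mapped_len)
{
    if (mapped_len < sizeof *h)
        return 0;
    /* Size 0 zeroes the first divisor and size 2 the second; size 1 makes
       (size - 2) wrap around because the field is unsigned. */
    if (h->namehash_size <= 2)
        return 0;
    /* The table must start after the header and fit in the mapping.
       64-bit arithmetic keeps offset + size * entry from wrapping. */
    uint64_t table_len = (uint64_t) h->namehash_size * DEMO_ENTRY_SIZE;
    if (h->namehash_offset < sizeof *h)
        return 0;
    if ((uint64_t) h->namehash_offset + table_len > (uint64_t) mapped_len)
        return 0;
    return 1;
}

/* Probe increment; call only after demo_head_ok() has returned 1. */
uint32_t demo_probe_incr(const struct demo_head *h, uint32_t hval)
{
    return 1 + hval % (h->namehash_size - 2);
}

int main(void)
{
    /* Constructed headers: all zeros, size 2, plausible, oversized table. */
    struct demo_head cases[] = { {0, 0}, {8, 2}, {8, 7}, {8, 0xffffffffu} };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("size=%u ok=%d\n", (unsigned) cases[i].namehash_size,
               demo_head_ok(&cases[i], 4096));
    return 0;
}
```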