diff mbox series

[v3] resolv/nss_dns/dns-host: Get rid of alloca.

Message ID 20230814141103.2387799-1-josimmon@redhat.com
State New
Headers show
Series [v3] resolv/nss_dns/dns-host: Get rid of alloca. | expand

Commit Message

Joe Simmons-Talbott Aug. 14, 2023, 2:10 p.m. UTC 
Since the alloca is a small constant size use an array instead.
---
Changes to v2:
  * Move tmp back into lower scope

 resolv/nss_dns/dns-host.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Andreas Schwab Aug. 14, 2023, 2:23 p.m. UTC | #1 
On Aug 14 2023, Joe Simmons-Talbott via Libc-alpha wrote:

> diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
> index 1d60c51f5e..160a017d42 100644
> --- a/resolv/nss_dns/dns-host.c
> +++ b/resolv/nss_dns/dns-host.c
> @@ -395,8 +395,8 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat,
>     */
>    if (strchr (name, '.') == NULL)
>      {
> -      char *tmp = alloca (NS_MAXDNAME);
> -      const char *cp = __res_context_hostalias (ctx, name, tmp, NS_MAXDNAME);
> +      char tmp[NS_MAXDNAME];
> +      const char *cp = __res_context_hostalias (ctx, name, tmp, sizeof (tmp));
>        if (cp != NULL)
>  	name = cp;
>      }

We don't tolerate undefined behaviour in glibc.
Siddhesh Poyarekar Aug. 14, 2023, 2:23 p.m. UTC | #2 
On 2023-08-14 10:10, Joe Simmons-Talbott via Libc-alpha wrote:
> Since the alloca is a small constant size use an array instead.
> ---
> Changes to v2:
>    * Move tmp back into lower scope
> 
>   resolv/nss_dns/dns-host.c | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)

LGTM.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

> 
> diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
> index 1d60c51f5e..160a017d42 100644
> --- a/resolv/nss_dns/dns-host.c
> +++ b/resolv/nss_dns/dns-host.c
> @@ -395,8 +395,8 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat,
>      */
>     if (strchr (name, '.') == NULL)
>       {
> -      char *tmp = alloca (NS_MAXDNAME);
> -      const char *cp = __res_context_hostalias (ctx, name, tmp, NS_MAXDNAME);
> +      char tmp[NS_MAXDNAME];
> +      const char *cp = __res_context_hostalias (ctx, name, tmp, sizeof (tmp));
>         if (cp != NULL)
>   	name = cp;
>       }
Siddhesh Poyarekar Aug. 14, 2023, 2:28 p.m. UTC | #3 
On 2023-08-14 10:23, Andreas Schwab via Libc-alpha wrote:
> On Aug 14 2023, Joe Simmons-Talbott via Libc-alpha wrote:
> 
>> diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
>> index 1d60c51f5e..160a017d42 100644
>> --- a/resolv/nss_dns/dns-host.c
>> +++ b/resolv/nss_dns/dns-host.c
>> @@ -395,8 +395,8 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat,
>>      */
>>     if (strchr (name, '.') == NULL)
>>       {
>> -      char *tmp = alloca (NS_MAXDNAME);
>> -      const char *cp = __res_context_hostalias (ctx, name, tmp, NS_MAXDNAME);
>> +      char tmp[NS_MAXDNAME];
>> +      const char *cp = __res_context_hostalias (ctx, name, tmp, sizeof (tmp));
>>         if (cp != NULL)
>>   	name = cp;
>>       }
> 
> We don't tolerate undefined behaviour in glibc.
> 

Ah, sorry I hadn't noticed that cp escapes that scope.  Joe, your v2 is 
correct.

Thanks,
Sid
Joe Simmons-Talbott Aug. 14, 2023, 3:01 p.m. UTC | #4 
On Mon, Aug 14, 2023 at 10:28:07AM -0400, Siddhesh Poyarekar wrote:
> On 2023-08-14 10:23, Andreas Schwab via Libc-alpha wrote:
> > On Aug 14 2023, Joe Simmons-Talbott via Libc-alpha wrote:
> > 
> > > diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
> > > index 1d60c51f5e..160a017d42 100644
> > > --- a/resolv/nss_dns/dns-host.c
> > > +++ b/resolv/nss_dns/dns-host.c
> > > @@ -395,8 +395,8 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat,
> > >      */
> > >     if (strchr (name, '.') == NULL)
> > >       {
> > > -      char *tmp = alloca (NS_MAXDNAME);
> > > -      const char *cp = __res_context_hostalias (ctx, name, tmp, NS_MAXDNAME);
> > > +      char tmp[NS_MAXDNAME];
> > > +      const char *cp = __res_context_hostalias (ctx, name, tmp, sizeof (tmp));
> > >         if (cp != NULL)
> > >   	name = cp;
> > >       }
> > 
> > We don't tolerate undefined behaviour in glibc.
> > 
> 
> Ah, sorry I hadn't noticed that cp escapes that scope.  Joe, your v2 is
> correct.

I went ahead and posted a v4 patch moving tmp back up one scope level
[1]

[1] https://sourceware.org/pipermail/libc-alpha/2023-August/150906.html

Thanks,
Joe
diff mbox series

Patch

diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
index 1d60c51f5e..160a017d42 100644
--- a/resolv/nss_dns/dns-host.c
+++ b/resolv/nss_dns/dns-host.c
@@ -395,8 +395,8 @@  _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat,
    */
   if (strchr (name, '.') == NULL)
     {
-      char *tmp = alloca (NS_MAXDNAME);
-      const char *cp = __res_context_hostalias (ctx, name, tmp, NS_MAXDNAME);
+      char tmp[NS_MAXDNAME];
+      const char *cp = __res_context_hostalias (ctx, name, tmp, sizeof (tmp));
       if (cp != NULL)
 	name = cp;
     }