Message ID | alpine.DEB.2.20.1712181844230.26421@digraph.polyomino.org.uk |
---|---|
State | New |
Headers | show |
Series | Fix nscd readlink argument aliasing (bug 22446) | expand |
On 12/18/2017 10:44 AM, Joseph Myers wrote: > Current GCC mainline detects that nscd calls readlink with the same > buffer for both input and output, which is not valid (those arguments > are both restrict-qualified in POSIX). This patch makes it use a > separate buffer for readlink's input (with a size that is sufficient > to avoid truncation, so there should be no problems with warnings > about possible truncation, though not strictly minimal, but much > smaller than the buffer for output) to avoid this problem. > > Tested compilation for aarch64-linux-gnu with build-many-glibcs.py. > > 2017-12-18 Joseph Myers <joseph@codesourcery.com> > > [BZ #22446] > * nscd/connections.c (handle_request) [SO_PEERCRED]: Use separate > buffers for readlink input and output. LGTM. Reviewed-by: Carlos O'Donell <carlos@redhat.com> > diff --git a/nscd/connections.c b/nscd/connections.c > index cc1ed72..dab722d 100644 > --- a/nscd/connections.c > +++ b/nscd/connections.c > @@ -1077,14 +1077,15 @@ cannot handle old request version %d; current version is %d"), > if (debug_level > 0) > { > #ifdef SO_PEERCRED > + char pbuf[sizeof ("/proc//exe") + 3 * sizeof (long int)]; > # ifdef PATH_MAX > char buf[PATH_MAX]; > # else > char buf[4096]; > # endif > > - snprintf (buf, sizeof (buf), "/proc/%ld/exe", (long int) pid); > - ssize_t n = readlink (buf, buf, sizeof (buf) - 1); > + snprintf (pbuf, sizeof (pbuf), "/proc/%ld/exe", (long int) pid); > + ssize_t n = readlink (pbuf, buf, sizeof (buf) - 1); > > if (n <= 0) > dbg_log (_("\ >
diff --git a/nscd/connections.c b/nscd/connections.c index cc1ed72..dab722d 100644 --- a/nscd/connections.c +++ b/nscd/connections.c @@ -1077,14 +1077,15 @@ cannot handle old request version %d; current version is %d"), if (debug_level > 0) { #ifdef SO_PEERCRED + char pbuf[sizeof ("/proc//exe") + 3 * sizeof (long int)]; # ifdef PATH_MAX char buf[PATH_MAX]; # else char buf[4096]; # endif - snprintf (buf, sizeof (buf), "/proc/%ld/exe", (long int) pid); - ssize_t n = readlink (buf, buf, sizeof (buf) - 1); + snprintf (pbuf, sizeof (pbuf), "/proc/%ld/exe", (long int) pid); + ssize_t n = readlink (pbuf, buf, sizeof (buf) - 1); if (n <= 0) dbg_log (_("\