From patchwork Thu Dec 22 16:29:02 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joseph Myers X-Patchwork-Id: 1718908 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=sourceware.org; envelope-from=libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org; receiver=) Received: from sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4NdG3m6NMYz1ydb for ; Fri, 23 Dec 2022 03:29:24 +1100 (AEDT) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 8EF43385B53F for ; Thu, 22 Dec 2022 16:29:22 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from esa4.mentor.iphmx.com (esa4.mentor.iphmx.com [68.232.137.252]) by sourceware.org (Postfix) with ESMTPS id C7FB73858D1E for ; Thu, 22 Dec 2022 16:29:12 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org C7FB73858D1E Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=codesourcery.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=mentor.com X-IronPort-AV: E=Sophos;i="5.96,265,1665475200"; d="scan'208";a="90625419" Received: from orw-gwy-01-in.mentorg.com ([192.94.38.165]) by esa4.mentor.iphmx.com with ESMTP; 22 Dec 2022 08:29:08 -0800 IronPort-SDR: qFbfGORXX+qf68lrWJUG+BM4yaBOWPqz1P2nigkmo1bT6H/h89oTgIGuuyNPrIZchjzv6eN/Mh bJUoxV6HcZpEojEo1jLrK8iz6/E3rc05fwNFDhJLTihqV6hUyxSYmv25zgWaFajMm1sUziMUXF 45/u2IG2GseXLasddk18MInn8liF2IgVHwO5SpXLgmG6GL6iP7e+6Mtb9g83aG9GKEkroBqUav 6OSh3sLY+ifta1F3nsv0ZTVos2ZM1vVfnRdD+rdzRPr96lOi/Fj6IF9gejbAXIRYwteefk/5Az hfw= Date: Thu, 22 Dec 2022 16:29:02 +0000 From: Joseph Myers To: Subject: Avoid use of atoi in malloc Message-ID: <3ae9534d-e31-95ee-25ea-93707dddf34a@codesourcery.com> MIME-Version: 1.0 X-Originating-IP: [137.202.0.90] X-ClientProxiedBy: svr-ies-mbx-15.mgc.mentorg.com (139.181.222.15) To svr-ies-mbx-10.mgc.mentorg.com (139.181.222.10) X-Spam-Status: No, score=-3115.3 required=5.0 tests=BAYES_00, GIT_PATCH_0, HEADER_FROM_DIFFERENT_DOMAINS, KAM_DMARC_STATUS, SPF_HELO_PASS, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+incoming=patchwork.ozlabs.org@sourceware.org Sender: "Libc-alpha" This patch is analogous to commit a3708cf6b0a5a68e2ed1ce3db28a03ed21d368d2. atoi has undefined behavior on out-of-range input, which makes it problematic to use anywhere in glibc that might be processing input out-of-range for atoi but not specified to produce undefined behavior for the function calling atoi. In conjunction with the C2x strtol changes, use of atoi in libc can also result in localplt test failures because the redirection for strtol does not interact properly with the libc_hidden_proto call for __isoc23_strtol for the call in the inline atoi implementation. In malloc/arena.c, this issue shows up for atoi calls that are only compiled for --disable-tunables (thus with the x86_64-linux-gnu-minimal configuration of build-many-glibcs.py, for example). Change those atoi calls to use strtol directly, as in the previous such changes. Tested for x86_64 (--disable-tunables). diff --git a/malloc/arena.c b/malloc/arena.c index f381f18371..840129e956 100644 --- a/malloc/arena.c +++ b/malloc/arena.c @@ -386,34 +386,39 @@ ptmalloc_init (void) if (!__builtin_expect (__libc_enable_secure, 0)) { if (memcmp (envline, "TOP_PAD_", 8) == 0) - __libc_mallopt (M_TOP_PAD, atoi (&envline[9])); + __libc_mallopt (M_TOP_PAD, strtol (&envline[9], NULL, 10)); else if (memcmp (envline, "PERTURB_", 8) == 0) - __libc_mallopt (M_PERTURB, atoi (&envline[9])); + __libc_mallopt (M_PERTURB, strtol (&envline[9], NULL, 10)); } break; case 9: if (!__builtin_expect (__libc_enable_secure, 0)) { if (memcmp (envline, "MMAP_MAX_", 9) == 0) - __libc_mallopt (M_MMAP_MAX, atoi (&envline[10])); + __libc_mallopt (M_MMAP_MAX, strtol (&envline[10], + NULL, 10)); else if (memcmp (envline, "ARENA_MAX", 9) == 0) - __libc_mallopt (M_ARENA_MAX, atoi (&envline[10])); + __libc_mallopt (M_ARENA_MAX, strtol (&envline[10], + NULL, 10)); } break; case 10: if (!__builtin_expect (__libc_enable_secure, 0)) { if (memcmp (envline, "ARENA_TEST", 10) == 0) - __libc_mallopt (M_ARENA_TEST, atoi (&envline[11])); + __libc_mallopt (M_ARENA_TEST, strtol (&envline[11], + NULL, 10)); } break; case 15: if (!__builtin_expect (__libc_enable_secure, 0)) { if (memcmp (envline, "TRIM_THRESHOLD_", 15) == 0) - __libc_mallopt (M_TRIM_THRESHOLD, atoi (&envline[16])); + __libc_mallopt (M_TRIM_THRESHOLD, strtol (&envline[16], + NULL, 10)); else if (memcmp (envline, "MMAP_THRESHOLD_", 15) == 0) - __libc_mallopt (M_MMAP_THRESHOLD, atoi (&envline[16])); + __libc_mallopt (M_MMAP_THRESHOLD, strtol (&envline[16], + NULL, 10)); } break; default: