This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH 1/5] __fdelt_chk: Removed range check
- From: KOSAKI Motohiro <kosaki dot motohiro at gmail dot com>
- To: Allan McRae <allan at archlinux dot org>
- Cc: "Carlos O'Donell" <carlos at redhat dot com>, Andreas Jaeger <aj at suse dot com>, libc-alpha <libc-alpha at sourceware dot org>
- Date: Tue, 7 May 2013 13:56:53 -0400
- Subject: Re: [PATCH 1/5] __fdelt_chk: Removed range check
- References: <CAHGf_=qewv9SqnjRei0NXuODc_ZW0erm5JkBb1r6T+kgGkuK=w at mail dot gmail dot com> <51843C3D dot 7010701 at archlinux dot org> <518670E1 dot 9040006 at redhat dot com> <5186E7B2 dot 6040502 at archlinux dot org>
> Is there a simple way to check which software will crash with this
> change? That way we can assess what is the probability things will
> crash? Perhaps that will give us an idea what the probability third
> party software will be affected?
The difficulty depends on whether you can allow overlooking or not. IOW, there is
no simple and exact way to check.
Technically, the condition is,
- Uses much FDs larger than FD_SETSIZE.
- Allocates fd_set as dynamic array (by malloc, calloc or something).
- Uses FD_SET, FD_CLR, or FD_ISSET.
The difficulty is, both malloc and FD_SET are too frequently used and
grep-unfriendly.
You can also use the following heuristics, but please keep in mind they
may have false positives/negatives.
- Sometimes, software which uses the Linux extension uses the howmany()
macro, but there are several exceptions. At least, the glibc manual allows not
using howmany.
- Sometimes, software which uses the Linux extension doesn't use
FD_ZERO because calloc() initialized the file descriptor bitmaps and
FD_ZERO is not necessary. But there are exceptions too. Several
pieces of software prefer to initialize explicitly with FD_ZERO.
So, you need manual inspection anyway. Please let me know if you have
a good alternative idea to assess this.
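
The conditions and heuristics listed in the message above, written as a triage script. This is an added example, not code from the thread or from glibc. The function names, the weights and the C snippets are constructed assumptions, and the ranking only orders files for the manual inspection the message says is still required.

```python
import re

# Constructed C snippets (not from any real project) used as sample input.
SAMPLES = {
    "dynamic.c": """
        fd_set *rfds = calloc(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
        FD_SET(fd, rfds);            /* fd may exceed FD_SETSIZE */
        select(maxfd + 1, rfds, NULL, NULL, NULL);
    """,
    "explicit.c": """
        size_t n = (maxfd / NFDBITS + 1) * sizeof(fd_mask);
        fd_set *wfds = calloc(1, n);
        FD_ZERO(wfds);               // explicit init, no howmany()
        FD_SET(fd, wfds);
    """,
    "static.c": "fd_set rfds; FD_ZERO(&rfds); FD_SET(fd, &rfds);",
}

COMMENTS = re.compile(r"/\*.*?\*/|//[^\n]*", re.S)
FD_MACROS = re.compile(r"\bFD_(SET|CLR|ISSET)\s*\(")
FD_ZERO = re.compile(r"\bFD_ZERO\s*\(")
HOWMANY = re.compile(r"\bhowmany\s*\(")
ALLOC = re.compile(r"\b(malloc|calloc|realloc)\s*\(")
CALLOC = re.compile(r"\bcalloc\s*\(")
FD_SET_PTR = re.compile(r"\bfd_set\s*\*")

def score_source(text):
    """Return (score, reasons); a score of 0 means no indicator matched."""
    code = COMMENTS.sub(" ", text)       # ignore matches inside comments
    reasons = []
    if not FD_MACROS.search(code):       # FD_SET/FD_CLR/FD_ISSET is required
        return 0, reasons
    if ALLOC.search(code) and FD_SET_PTR.search(code):
        reasons.append((2, "fd_set pointer plus heap allocation"))
    if HOWMANY.search(code):             # heuristic 1 (weight is an assumption)
        reasons.append((2, "howmany() sizing"))
    if CALLOC.search(code) and not FD_ZERO.search(code):   # heuristic 2
        reasons.append((1, "calloc() without FD_ZERO"))
    return sum(w for w, _ in reasons), [r for _, r in reasons]

def rank(sources):
    """Sort file names by descending score for manual inspection."""
    scored = {name: score_source(src)[0] for name, src in sources.items()}
    return sorted((n for n in scored if scored[n] > 0), key=lambda n: -scored[n])

if __name__ == "__main__":
    for name in rank(SAMPLES):
        print(name, *score_source(SAMPLES[name]))
```

The `explicit.c` sample is the exception case from the message: neither heuristic fires, and only the allocation pattern keeps it on the list.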