This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH][BZ #15670] Replace alloca in __tzfile_read by malloc.


On Monday 14 October 2013 10:49:52 OndÅej BÃlka wrote:
> On Mon, Oct 14, 2013 at 02:03:57PM +0000, Joseph S. Myers wrote:
> > On Mon, 14 Oct 2013, Ondrej Bilka wrote:
> > > This is one of bugs that take longer to read than to fix. There is a
> > > unbound alloca and obvious limit is PATH_MAX.
> > 
> > This also doesn't deal with the point in the bug that strlen (either
> > strlen) could overflow the "unsigned int" variables.
> > 
> > You need to change both variables to size_t and check __libc_use_alloca
> > to determine whether to use alloca or malloc.
> 
> And what is alloca doing there anyway? This code is in no way
> performance critical so malloc should suffice.
> ...
> @@ -157,7 +157,7 @@ __tzfile_read (const char *file, size_t extra, char
> **extrap) else
>  	tzdir_len = strlen (tzdir);
>        len = strlen (file) + 1;
> -      new = (char *) __alloca (tzdir_len + 1 + len);
> +      new = (char *) malloc (tzdir_len + 1 + len);

and what do you do when (tzdir_len+1+len) overflows ?

if you're going to switch to malloc, then it seems like using asprintf would 
be simpler:
	if (asprintf (&new, "%s/%s", tzdir, file))
		goto ret_free_transitions;
-mike

Attachment: signature.asc
Description: This is a digitally signed message part.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]