This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [patch] Correct range checking in mallopt/mxfast/tcache [BZ #25194]
- From: Carlos O'Donell <codonell at redhat dot com>
- To: DJ Delorie <dj at redhat dot com>
- Cc: libc-alpha at sourceware dot org
- Date: Tue, 3 Dec 2019 23:51:45 -0500
- Subject: Re: [patch] Correct range checking in mallopt/mxfast/tcache [BZ #25194]
- References: <xnzhg8vgr5.fsf@greed.delorie.com>
On 12/3/19 11:47 PM, DJ Delorie wrote:
> "Carlos O'Donell" <codonell@redhat.com> writes:
>> Does this allow mallopt to accept an invalid large negative
>> value but after wrapping be treated as less than MAX_TCACHE_SIZE
>> and thus be accepted instead of rejected?
>
> Only if sizeof(int) > sizeof(size_t), which for our targets never
> happens. Negative values passed to mallopt will now result in failure,
> because they'll map to positive size_t larger than MAX_TCACHE_SIZE.
> Plus MAX_TCACHE_SIZE is "very small"
I would accept:
* Proper range checking in mallopt.
* Documentation in a comment that this is safe with an example.
--
Cheers,
Carlos.