10129 – Add the invalid attr checking for pthread_mutexattr_gettype()

Bug 10129 - Add the invalid attr checking for pthread_mutexattr_gettype()

Summary: Add the invalid attr checking for pthread_mutexattr_gettype()

Status:	RESOLVED INVALID

Alias:	None

Product:	glibc
Classification:	Unclassified
Component:	libc (show other bugs)
Version:	unspecified

Importance:	P2 normal
Target Milestone:	---
Assignee:	Ulrich Drepper

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-05-05 02:12 UTC by zhangxiliang
Modified:	2014-06-30 09:15 UTC (History)
CC List:	1 user (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Flags:	fweimer: security-

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description zhangxiliang 2009-05-05 02:12:01 UTC

I tested the mutex type, and found that when I got a mutex type from an
invalid pthread_mutexattr by pthread_mutexattr_gettype(), the function
returns 0.

In pthread_mutexattr_gettype() manual, it directs that the function should
return EINVAL when the mutex type in struct pthread_mutexattr is invalid.

Signed-off-by: Zhang Xiliang <zhangxiliang@cn.fujitsu.com>
---
 nptl/pthread_mutexattr_gettype.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/nptl/pthread_mutexattr_gettype.c
b/nptl/pthread_mutexattr_gettype.c
index 7303703..40ed531 100644
--- a/nptl/pthread_mutexattr_gettype.c
+++ b/nptl/pthread_mutexattr_gettype.c
@@ -17,6 +17,7 @@
    Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
    02111-1307 USA.  */

+#include <errno.h>
 #include <pthreadP.h>


@@ -30,6 +31,8 @@ pthread_mutexattr_gettype (attr, kind)
   iattr = (const struct pthread_mutexattr *) attr;

   *kind = iattr->mutexkind & ~PTHREAD_MUTEXATTR_FLAG_BITS;
+  if (*kind < PTHREAD_MUTEX_NORMAL || *kind > PTHREAD_MUTEX_ADAPTIVE_NP)
+    return EINVAL;

   return 0;
 }

Comment 1 Ulrich Drepper 2009-05-05 14:49:55 UTC

Nonsense.  If the value is stored it better be correct.

Comment 2 zhangxiliang 2009-05-06 01:43:20 UTC

(In reply to comment #1)
> Nonsense.  If the value is stored it better be correct.

OK. I have make a corrected version.

Signed-off-by: Zhang Xiliang <zhangxiliang@cn.fujitsu.com>
---
 nptl/pthread_mutexattr_gettype.c |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/nptl/pthread_mutexattr_gettype.c b/nptl/pthread_mutexattr_gettype.c
index 7303703..4da2dc1 100644
--- a/nptl/pthread_mutexattr_gettype.c
+++ b/nptl/pthread_mutexattr_gettype.c
@@ -17,6 +17,7 @@
    Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
    02111-1307 USA.  */
 
+#include <errno.h>
 #include <pthreadP.h>
 
 
@@ -26,11 +27,15 @@ pthread_mutexattr_gettype (attr, kind)
      int *kind;
 {
   const struct pthread_mutexattr *iattr;
+  int ikind;
 
   iattr = (const struct pthread_mutexattr *) attr;
 
-  *kind = iattr->mutexkind & ~PTHREAD_MUTEXATTR_FLAG_BITS;
+  ikind = iattr->mutexkind & ~PTHREAD_MUTEXATTR_FLAG_BITS;
+  if (ikind < PTHREAD_MUTEX_NORMAL || ikind > PTHREAD_MUTEX_ADAPTIVE_NP)
+    return EINVAL;
 
+  *kind = ikind;
   return 0;
 }
 weak_alias (pthread_mutexattr_gettype, pthread_mutexattr_getkind_np)

Comment 3 Ulrich Drepper 2009-05-07 16:49:45 UTC

(In reply to comment #2)
> OK. I have make a corrected version.

No.  The get functions never verify the state.  They can assume it is correct. 
There will be no change.