24050 – telldir missing truncation check

Bug 24050 - telldir missing truncation check

Summary: telldir missing truncation check

Status:	NEW

Alias:	None

Product:	glibc
Classification:	Unclassified
Component:	libc (show other bugs)
Version:	2.28

Importance:	P2 normal
Target Milestone:	---
Assignee:	Not yet assigned to anyone

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-12-31 16:55 UTC by Joseph Myers
Modified:	2024-12-25 05:53 UTC (History)
CC List:	4 users (show)

See Also:	31186 31212 23960
Host:
Target:
Build:
Last reconfirmed:

Flags:	fweimer: security-

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Joseph Myers 2018-12-31 16:55:36 UTC

sysdeps/posix/telldir.c converts an off_t value (dirp->filepos) to a long int return value with no overflow check.  On platforms where long int is smaller than the default off_t (currently just x32, but will include RISC-V 32-bit in future, given the intent that that will only support 64-bit times and thus will only support 64-bit offsets), it should check for overflow in the conversion and produce an EOVERFLOW error in that case.  (This is related to but separate from bug 23960; a kernel facility to request 32-bit offsets to avoid that bug might avoid some overflows occurring, but only if such requests are made by glibc in the configurations with 32-bit long, not just the configurations with 32-bit off_t.)

Comment 1 H.J. Lu 2018-12-31 18:43:48 UTC

Should we add telldir64 and seekdir64?

Comment 2 jsm-csl@polyomino.org.uk 2018-12-31 18:47:31 UTC

My view on new APIs for this case would be telldiro / seekdiro / 
telldiro64 / seekdiro64, by analogy with fseeko / ftello.