This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [patch] Error on setenv(..., NULL, ...)
- From: Paul Eggert <eggert at cs dot ucla dot edu>
- To: Paul Pluzhnikov <ppluzhnikov at google dot com>, Szabolcs Nagy <szabolcs dot nagy at arm dot com>
- Cc: Joseph Myers <joseph at codesourcery dot com>, GLIBC Devel <libc-alpha at sourceware dot org>, Roland McGrath <roland at hack dot frob dot com>, "mtk at man7 dot org" <mtk at man7 dot org>
- Date: Wed, 11 Mar 2015 11:48:00 -0700
- Subject: Re: [patch] Error on setenv(..., NULL, ...)
- Authentication-results: sourceware.org; auth=none
- References: <CALoOobNSbWUkd_i-L6U0ovbqPYnJY-h=ftX1K61yb19pmJj6aw at mail dot gmail dot com> <alpine dot DEB dot 2 dot 10 dot 1503111712240 dot 30954 at digraph dot polyomino dot org dot uk> <CALoOobPKxfJfnbcUKH8osgCZMeSiD83K1OiF+_vSeAy0ewe1Jw at mail dot gmail dot com> <55008721 dot 1090200 at arm dot com> <CALoOobNbOgm5=oFbEUmTbca3M-KqSUgGmTeWYOt1zTN-CTLoog at mail dot gmail dot com>
On 03/11/2015 11:26 AM, Paul Pluzhnikov wrote:
Where does it say that NULL name is allowed?
It doesn't. But that's the FreeBSD behavior.
FreeBSD setenv (..., NULL, ...) dumps core quickly because it calls
strlen (NULL). How about if we do the same? It should be just as fast
as what we do now, and it's safer and more compatible. Something like
the attached untested patch, say.
diff --git a/ChangeLog b/ChangeLog
index 7360079..b9b40c9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2015-03-11 Paul Eggert <eggert@cs.ucla.edu>
+
+ * stdlib/setenv.c (__add_to_environ):
+ Dump core quickly if setenv (..., NULL, ...) is called.
+
2015-03-11 Paul Pluzhnikov <ppluzhnikov@google.com>
[BZ #18043]
diff --git a/stdlib/setenv.c b/stdlib/setenv.c
index b60c4f0..f3de7e9 100644
--- a/stdlib/setenv.c
+++ b/stdlib/setenv.c
@@ -115,7 +115,13 @@ __add_to_environ (name, value, combined, replace)
char **ep;
size_t size;
const size_t namelen = strlen (name);
- const size_t vallen = value != NULL ? strlen (value) + 1 : 0;
+ size_t vallen;
+
+ /* Test COMBINED, not VALUE, since VALLEN is needed only if COMBINED
+ is non-null. Also, testing COMBINED causes setenv (..., NULL, ...)
+ to dump core quickly instead of corrupting memory. */
+ if (combined != NULL)
+ vallen = strlen (value) + 1;
LOCK;
- References:
- [patch] Error on setenv(..., NULL, ...)
- Re: [patch] Error on setenv(..., NULL, ...)
- Re: [patch] Error on setenv(..., NULL, ...)
- Re: [patch] Error on setenv(..., NULL, ...)
- Re: [patch] Error on setenv(..., NULL, ...)