This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] add attribute nonstring
- From: Steve Ellcey <sellcey at cavium dot com>
- To: Martin Sebor <msebor at gmail dot com>, Paul Eggert <eggert at cs dot ucla dot edu>
- Cc: GNU C Library <libc-alpha at sourceware dot org>
- Date: Mon, 13 Nov 2017 09:35:06 -0800
- Subject: Re: [PATCH] add attribute nonstring
- Authentication-results: sourceware.org; auth=none
- Authentication-results: spf=none (sender IP is ) smtp.mailfrom=Steve dot Ellcey at cavium dot com;
- References: <06e1ee69-bb30-ff95-42db-2d4b2d7eba7d@gmail.com>
- Reply-to: sellcey at cavium dot com
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
On Sun, 2017-11-12 at 16:49 -0700, Martin Sebor wrote:
>
> PS I still don't see it discussed on the Linux man page but
> I did find such a requirement on an AIX 6.1 ioctl man page:
> https://www.ibm.com/support/knowledgecenter/en/ssw_ibm_i_61/apis/ioct
> l.htm
>
> The descriptions of the if_indextoname and if_nametoindex
> functions specified by RFC 3493 also talk about the name being
> a nul-terminated string so it looks to me like you are correct
> and the warning has found a Glibc bug. Yay! :)
I think this is a bug and that if_nametoindex should check for a name
that is too long. Based on RFC 3493 it would appear that we don't need
to set errno in this case though I am not sure if that is a correct
interpretation. I tested this patch:
2017-11-13 Steve Ellcey <sellcey@cavium.com>
* sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
Check if ifname is too long.
diff --git a/sysdeps/unix/sysv/linux/if_index.c
b/sysdeps/unix/sysv/linux/if_index.c
index 56f3f13..1e081c0 100644
--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
@@ -43,6 +43,9 @@ __if_nametoindex (const char *ifname)
if (fd < 0)
return 0;
+ if (strlen (ifname) >= IFNAMSIZ)
+ return 0;
+
strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
{
And it compiled fine using the latest GCC. Apparently GCC's constant
propogation allowed it to see that sizeof could not longer be IFNAMSIZ.
Steve Ellcey