This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
| Other format: | [Raw text] | |
Greetings,
The following test program:
#include <stdlib.h>
#include <stdio.h>
int main() {
setenv("ZZZ", NULL, 1);
char *p = getenv("ZZZ");
printf("%c\n", p[0]);
return 0;
}
produces "unusable" environment, in which getenv("ZZZ") succeeds, but
you can't look at any bytes of the resulting pointer:
gcc -g t.c
t.c: In function âmainâ:
t.c:5:3: warning: null argument where non-null required (argument 2) [-Wnonnull]
setenv("ZZZ", NULL, 1);
^
valgrind ./a.out
==27832== Invalid read of size 1
==27832== at 0x4005FB: main (/tmp/t.c:7)
==27832== Address 0x4dea3e4 is 0 bytes after a block of size 4 alloc'd
==27832== at 0x40307C4: malloc
(valgrind/coregrind/m_replacemalloc/vg_replace_malloc.c:270)
==27832== by 0x4A60C59: __add_to_environ
(/build/buildd/eglibc-2.19/stdlib/setenv.c:193)
==27832== by 0x40344BF: setenv (valgrind/memcheck/mc_replace_strmem.c:1643)
==27832== by 0x4005E8: main (/tmp/t.c:5)
See also https://sourceware.org/ml/libc-alpha/2015-03/msg00402.html,
where GLIBC performed the bad setenv() itself.
Attached trivial patch makes setenv(..., NULL, ...) fail instead of
producing "bad" environment. Tested on Linux/x86_64, no new failures.
Thanks,
2015-03-11 Paul Pluzhnikov <ppluzhnikov@google.com>
* stdlib/setenv.c (setenv): Reject NULL value in setenv.
--
Paul Pluzhnikov
Attachment:
null-setenv.patch.txt
Description: Text document
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |