[PATCH v2] getpw: Get rid of alloca
Adhemerval Zanella Netto
adhemerval.zanella@linaro.org
Tue Aug 29 12:26:39 GMT 2023
On 29/08/23 05:03, Florian Weimer via Libc-alpha wrote:
> * Joe Simmons-Talbott via Libc-alpha:
>
>> Since _SC_GETPW_R_SIZE_MAX will be always NSS_BUFLEN_PASSWD, use a fixed
>> sized array rather than alloca to avoid potential stack overflow.
>
> _SC_GETPW_R_SIZE_MAX is not very well-named, it is the initial suggested
> buffer size. The code should use the usual scratch buffer retry loop.

I thought about that on initial revision, however this will change the function
semantic and the code below:

    long int sz = sysconf (_SC_GETPW_R_SIZE_MAX);
    char *buf = NULL;
    while (1) {
      buf = realloc (buf, sz);
      r = getpw (uid, buf);
      if (r != -1 || errno != ENOMEM)
        break;
      sz *= 2;
    }

will start to trigger a buffer overrun. This is an old tricky interface
where I would prefer if we continue to keep same semantic, and maybe
deprecate and move it to compat symbol.