* [Bug nis/3559] unchecked malloc in glibc/sunrpc/svc_run.c
2006-11-22 5:19 [Bug nis/3559] New: unchecked malloc in glibc/sunrpc/svc_run.c csnook at redhat dot com
@ 2006-11-22 5:24 ` csnook at redhat dot com
2006-11-22 7:52 ` jakub at redhat dot com
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: csnook at redhat dot com @ 2006-11-22 5:24 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From csnook at redhat dot com 2006-11-22 05:24 -------
Created an attachment (id=1434)
--> (http://sourceware.org/bugzilla/attachment.cgi?id=1434&action=view)
patch to report error and return if malloc fails
patch to report error and return if malloc fails
--
http://sourceware.org/bugzilla/show_bug.cgi?id=3559
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug nis/3559] unchecked malloc in glibc/sunrpc/svc_run.c
2006-11-22 5:19 [Bug nis/3559] New: unchecked malloc in glibc/sunrpc/svc_run.c csnook at redhat dot com
2006-11-22 5:24 ` [Bug nis/3559] " csnook at redhat dot com
@ 2006-11-22 7:52 ` jakub at redhat dot com
2006-11-22 8:13 ` csnook at redhat dot com
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: jakub at redhat dot com @ 2006-11-22 7:52 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From jakub at redhat dot com 2006-11-22 07:51 -------
If we touch this file, there are further things we should look at:
1) svc_exit's comment says it should be usable in signal handler, but calling
free isn't possible in signal handlers, perhaps just clearing svc_maxpoll_fd
and freeing in svc_run instead
2) doing a malloc/free pair in every single svc_run loop iteration sounds
overkill to me, it should be enough if it reallocates the memory if
svc_maxpoll_fd changes since last invocation
--
http://sourceware.org/bugzilla/show_bug.cgi?id=3559
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug nis/3559] unchecked malloc in glibc/sunrpc/svc_run.c
2006-11-22 5:19 [Bug nis/3559] New: unchecked malloc in glibc/sunrpc/svc_run.c csnook at redhat dot com
2006-11-22 5:24 ` [Bug nis/3559] " csnook at redhat dot com
2006-11-22 7:52 ` jakub at redhat dot com
@ 2006-11-22 8:13 ` csnook at redhat dot com
2006-11-27 23:02 ` drepper at redhat dot com
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: csnook at redhat dot com @ 2006-11-22 8:13 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From csnook at redhat dot com 2006-11-22 08:13 -------
For that matter, using svc_max_pollfd as a sentinel like this is racy, and
should be replaced with a real sentinel whose value isn't used within the loop
it also controls.
Perhaps a better question would be whether anything actually calls svc_exit at
all. It's not called anywhere in ypbind-mt, but I suppose other RPC services
might use it.
--
http://sourceware.org/bugzilla/show_bug.cgi?id=3559
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug nis/3559] unchecked malloc in glibc/sunrpc/svc_run.c
2006-11-22 5:19 [Bug nis/3559] New: unchecked malloc in glibc/sunrpc/svc_run.c csnook at redhat dot com
` (2 preceding siblings ...)
2006-11-22 8:13 ` csnook at redhat dot com
@ 2006-11-27 23:02 ` drepper at redhat dot com
2007-01-12 16:59 ` cvs-commit at gcc dot gnu dot org
2007-02-17 9:11 ` drepper at redhat dot com
5 siblings, 0 replies; 7+ messages in thread
From: drepper at redhat dot com @ 2006-11-27 23:02 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From drepper at redhat dot com 2006-11-27 23:02 -------
I've applied the patch to handle malloc errors.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |WAITING
http://sourceware.org/bugzilla/show_bug.cgi?id=3559
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug nis/3559] unchecked malloc in glibc/sunrpc/svc_run.c
2006-11-22 5:19 [Bug nis/3559] New: unchecked malloc in glibc/sunrpc/svc_run.c csnook at redhat dot com
` (3 preceding siblings ...)
2006-11-27 23:02 ` drepper at redhat dot com
@ 2007-01-12 16:59 ` cvs-commit at gcc dot gnu dot org
2007-02-17 9:11 ` drepper at redhat dot com
5 siblings, 0 replies; 7+ messages in thread
From: cvs-commit at gcc dot gnu dot org @ 2007-01-12 16:59 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From cvs-commit at gcc dot gnu dot org 2007-01-12 16:59 -------
Subject: Bug 3559
CVSROOT: /cvs/glibc
Module name: libc
Branch: glibc-2_5-branch
Changes by: jakub@sourceware.org 2007-01-12 16:59:03
Modified files:
. : ChangeLog
sunrpc : svc_run.c
Log message:
[BZ #3559]
* sunrpc/svc_run.c (svc_run): Fail instead of segfaulting if
malloc crashed.
Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/libc/ChangeLog.diff?cvsroot=glibc&only_with_tag=glibc-2_5-branch&r1=1.10362.2.14&r2=1.10362.2.15
http://sourceware.org/cgi-bin/cvsweb.cgi/libc/sunrpc/svc_run.c.diff?cvsroot=glibc&only_with_tag=glibc-2_5-branch&r1=1.10&r2=1.10.8.1
--
http://sourceware.org/bugzilla/show_bug.cgi?id=3559
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug nis/3559] unchecked malloc in glibc/sunrpc/svc_run.c
2006-11-22 5:19 [Bug nis/3559] New: unchecked malloc in glibc/sunrpc/svc_run.c csnook at redhat dot com
` (4 preceding siblings ...)
2007-01-12 16:59 ` cvs-commit at gcc dot gnu dot org
@ 2007-02-17 9:11 ` drepper at redhat dot com
5 siblings, 0 replies; 7+ messages in thread
From: drepper at redhat dot com @ 2007-02-17 9:11 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From drepper at redhat dot com 2007-02-17 09:10 -------
I'm closing this. The code is broken by design, there is not much we can do
except fixing critical problems.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|WAITING |RESOLVED
Resolution| |FIXED
http://sourceware.org/bugzilla/show_bug.cgi?id=3559
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 7+ messages in thread