From mboxrd@z Thu Jan 1 00:00:00 1970
Received: (qmail 24135 invoked by alias); 21 Jan 2010 03:44:35 -0000
Received: (qmail 24108 invoked by uid 48); 21 Jan 2010 03:44:24 -0000
Date: Thu, 21 Jan 2010 03:44:00 -0000
From: "jlanders at vmware dot com"
To: glibc-bugs@sources.redhat.com
Message-ID: <20100121034423.11200.jlanders@vmware.com>
Reply-To: sourceware-bugzilla@sourceware.org
Subject: [Bug libc/11200] New: loadlocale.c:_nl_load_locale() incorrectly handles mmap() failures
X-Bugzilla-Reason: CC
Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm
Precedence: bulk
Sender: glibc-bugs-owner@sourceware.org
X-SW-Source: 2010-01/txt/msg00102.txt.bz2

The function _nl_load_locale() uses the local variable "filedata" to hold data mmap()'d from the file specified in the argument list. When mmap() fails in _nl_load_locale() at loadlocale.c:223, the local variable filedata gets set to MAP_FAILED or ((void *) -1). When this failure is due to a genuine resource issue, errno gets set to a value other than ENOSYS and the block of code malloc()'ing space for filedata never gets executed.

Below in this same function at loadlocale.c:261, filedata is only checked against NULL. As a result, _nl_intern_locale_data() gets passed filedata with a value of -1. This causes applications to generate a SIGFPE exception at the start of _nl_intern_locale_data().

The easiest fix is to set filedata to NULL when mmap() fails in _nl_load_locale().

--- a/locale/loadlocale.c 2009-12-08 12:10:20.000000000 -0800 +++ b/locale/loadlocale.c 2010-01-20 12:37:06.000000000 -0800
@@ -224,6 +224,7 @@ PROT_READ, MAP_FILE|MAP_COPY, fd, 0); if (__builtin_expect (filedata == MAP_FAILED, 0)) { + filedata = NULL; if (__builtin_expect (errno, ENOSYS) == ENOSYS) { #endif /* _POSIX_MAPPED_FILES */

This issue exists in other releases prior to glibc-2.11, including glibc-2.5 on RHEL 5.3.

Thanks,
Joe

--
Summary: loadlocale.c:_nl_load_locale() incorrectly handles mmap() failures
Product: glibc
Version: 2.11
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: drepper at redhat dot com
ReportedBy: jlanders at vmware dot com
CC: glibc-bugs at sources dot redhat dot com
GCC build triplet: x86_64-linuxnptl
GCC host triplet: x86_64-linuxnptl
GCC target triplet: x86_64-linuxnptl

http://sourceware.org/bugzilla/show_bug.cgi?id=11200
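
Review bot: The added `filedata = NULL;` at the top of the `filedata == MAP_FAILED` branch has no comment, and its purpose is only recoverable from the report: the later check in this function compares filedata against NULL, not MAP_FAILED. A short comment such as `/* Normalize MAP_FAILED so the NULL check below catches it. */` would stop a later cleanup from treating the store as redundant next to the malloc() fallback in the ENOSYS branch. Placing the assignment ahead of the `errno` test is fine, since a plain store does not modify errno.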
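
The failure mode described in the report, reduced to a stand-alone C example that is added here and is not glibc's code. The names `load_file`, `caller_sees_failure` and the `normalize` flag are hypothetical, and a bad descriptor is a constructed way to make mmap() fail with an errno other than ENOSYS:

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical loader following the pattern in the report. With
   normalize == 0 a failed mmap() leaks MAP_FAILED to the caller; with
   normalize == 1 the report's one-line fix is applied. *mapped tells the
   caller whether the buffer needs munmap() or free(). */
static void *load_file(int fd, size_t size, int normalize, int *mapped)
{
    void *filedata = mmap(NULL, size, PROT_READ, MAP_PRIVATE, fd, 0);
    *mapped = (filedata != MAP_FAILED);
    if (filedata == MAP_FAILED) {
        if (normalize)
            filedata = NULL;        /* a plain store leaves errno intact */
        if (errno == ENOSYS) {
            /* No mmap on this system: read into a malloc()'d buffer. */
            filedata = malloc(size);
            if (filedata != NULL
                && read(fd, filedata, size) != (ssize_t) size) {
                free(filedata);
                filedata = NULL;
            }
        }
    }
    return filedata;
}

/* The caller-side test the report describes: only NULL means failure. */
static int caller_sees_failure(const void *filedata)
{
    return filedata == NULL;
}

int main(void)
{
    int mapped;
    /* fd -1 makes mmap() fail with EBADF, i.e. not ENOSYS (constructed). */
    void *before = load_file(-1, 4096, 0, &mapped);
    void *after = load_file(-1, 4096, 1, &mapped);
    printf("unpatched: failure detected = %d\n", caller_sees_failure(before));
    printf("patched:   failure detected = %d\n", caller_sees_failure(after));
    return 0;
}
```

In the unpatched case the caller would go on to dereference `(void *) -1`, which is the state the report says reaches _nl_intern_locale_data().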