public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/13231] setenv ("NAME", NULL) corrupts environment
2011-09-28 5:24 [Bug libc/13231] New: setenv ("NAME", NULL) corrupts environment robert.ancell at gmail dot com
@ 2011-09-28 5:24 ` robert.ancell at gmail dot com
2011-10-15 14:17 ` drepper.fsp at gmail dot com
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: robert.ancell at gmail dot com @ 2011-09-28 5:24 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13231
Robert Ancell <robert.ancell at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://launchpad.net/bugs/
| |861132
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/13231] New: setenv ("NAME", NULL) corrupts environment
@ 2011-09-28 5:24 robert.ancell at gmail dot com
2011-09-28 5:24 ` [Bug libc/13231] " robert.ancell at gmail dot com
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: robert.ancell at gmail dot com @ 2011-09-28 5:24 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13231
Bug #: 13231
Summary: setenv ("NAME", NULL) corrupts environment
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: drepper.fsp@gmail.com
ReportedBy: robert.ancell@gmail.com
Classification: Unclassified
Created attachment 5948
--> http://sourceware.org/bugzilla/attachment.cgi?id=5948
Proposed patch, which treats NULL value as "" (which I think is what the
current code intends).
setenv ("NAME", NULL) corrupts the environment. It doesn't seem specified what
the function should do when value is NULL, but the code does check for it - it
just does the wrong thing:
stdlib/setenv.c:
...
__add_to_environ (name, value, combined, replace)
...
const size_t vallen = value != NULL ? strlen (value) + 1 : 0;
...
memcpy (new_value, name, namelen);
new_value[namelen] = '=';
memcpy (&new_value[namelen + 1], value, vallen);
...
i.e. the new value is set to "NAME=" without the trailing nul character.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/13231] setenv ("NAME", NULL) corrupts environment
2011-09-28 5:24 [Bug libc/13231] New: setenv ("NAME", NULL) corrupts environment robert.ancell at gmail dot com
2011-09-28 5:24 ` [Bug libc/13231] " robert.ancell at gmail dot com
@ 2011-10-15 14:17 ` drepper.fsp at gmail dot com
2011-10-16 22:04 ` robert.ancell at gmail dot com
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: drepper.fsp at gmail dot com @ 2011-10-15 14:17 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13231
Ulrich Drepper <drepper.fsp at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
--- Comment #1 from Ulrich Drepper <drepper.fsp at gmail dot com> 2011-10-15 14:16:43 UTC ---
The parameter is supposed to be a string pointer. NULL is no string pointer,
neither is in most case -1 etc. There is no way to catch invalid pointers and
any such effort would only hurt correct code. Just fix your code.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/13231] setenv ("NAME", NULL) corrupts environment
2011-09-28 5:24 [Bug libc/13231] New: setenv ("NAME", NULL) corrupts environment robert.ancell at gmail dot com
2011-09-28 5:24 ` [Bug libc/13231] " robert.ancell at gmail dot com
2011-10-15 14:17 ` drepper.fsp at gmail dot com
@ 2011-10-16 22:04 ` robert.ancell at gmail dot com
2011-10-29 20:19 ` drepper.fsp at gmail dot com
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: robert.ancell at gmail dot com @ 2011-10-16 22:04 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13231
--- Comment #2 from Robert Ancell <robert.ancell at gmail dot com> 2011-10-16 22:04:08 UTC ---
Could you please consider changing this line then:
const size_t vallen = value != NULL ? strlen (value) + 1 : 0;
to:
const size_t vallen = strlen (value) + 1;
This is detecting that value is NULL, handling it, then causing a greater
problem later on in the function. If value must be non NULL then a
segmentation fault is preferable to a memory corruption which is much harded to
diagnose.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/13231] setenv ("NAME", NULL) corrupts environment
2011-09-28 5:24 [Bug libc/13231] New: setenv ("NAME", NULL) corrupts environment robert.ancell at gmail dot com
` (2 preceding siblings ...)
2011-10-16 22:04 ` robert.ancell at gmail dot com
@ 2011-10-29 20:19 ` drepper.fsp at gmail dot com
2011-10-29 23:17 ` ldv at altlinux dot org
2014-06-27 12:01 ` fweimer at redhat dot com
5 siblings, 0 replies; 7+ messages in thread
From: drepper.fsp at gmail dot com @ 2011-10-29 20:19 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13231
--- Comment #3 from Ulrich Drepper <drepper.fsp at gmail dot com> 2011-10-29 20:18:42 UTC ---
(In reply to comment #2)
> Could you please consider changing this line then:
No, this would require unnecessary other changes.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/13231] setenv ("NAME", NULL) corrupts environment
2011-09-28 5:24 [Bug libc/13231] New: setenv ("NAME", NULL) corrupts environment robert.ancell at gmail dot com
` (3 preceding siblings ...)
2011-10-29 20:19 ` drepper.fsp at gmail dot com
@ 2011-10-29 23:17 ` ldv at altlinux dot org
2014-06-27 12:01 ` fweimer at redhat dot com
5 siblings, 0 replies; 7+ messages in thread
From: ldv at altlinux dot org @ 2011-10-29 23:17 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13231
--- Comment #4 from Dmitry V. Levin <ldv at altlinux dot org> 2011-10-29 23:17:07 UTC ---
(In reply to comment #3)
> (In reply to comment #2)
> > Could you please consider changing this line then:
>
> No, this would require unnecessary other changes.
Since "value" and "combined" cannot be non-NULL altogether, the change is not
going to be so tremendous:
- const size_t vallen = value != NULL ? strlen (value) + 1 : 0;
+ const size_t vallen = combined == NULL ? strlen (value) + 1 : 0;
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/13231] setenv ("NAME", NULL) corrupts environment
2011-09-28 5:24 [Bug libc/13231] New: setenv ("NAME", NULL) corrupts environment robert.ancell at gmail dot com
` (4 preceding siblings ...)
2011-10-29 23:17 ` ldv at altlinux dot org
@ 2014-06-27 12:01 ` fweimer at redhat dot com
5 siblings, 0 replies; 7+ messages in thread
From: fweimer at redhat dot com @ 2014-06-27 12:01 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=13231
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Flags| |security-
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2014-06-27 12:01 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-09-28 5:24 [Bug libc/13231] New: setenv ("NAME", NULL) corrupts environment robert.ancell at gmail dot com
2011-09-28 5:24 ` [Bug libc/13231] " robert.ancell at gmail dot com
2011-10-15 14:17 ` drepper.fsp at gmail dot com
2011-10-16 22:04 ` robert.ancell at gmail dot com
2011-10-29 20:19 ` drepper.fsp at gmail dot com
2011-10-29 23:17 ` ldv at altlinux dot org
2014-06-27 12:01 ` fweimer at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).