From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 12936 invoked by alias); 28 Sep 2011 05:24:06 -0000 Received: (qmail 12929 invoked by uid 22791); 28 Sep 2011 05:24:04 -0000 X-SWARE-Spam-Status: No, hits=-2.8 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00,TW_CP X-Spam-Check-By: sourceware.org Received: from localhost (HELO sourceware.org) (127.0.0.1) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Wed, 28 Sep 2011 05:23:52 +0000 From: "robert.ancell at gmail dot com" To: glibc-bugs@sources.redhat.com Subject: [Bug libc/13231] New: setenv ("NAME", NULL) corrupts environment Date: Wed, 28 Sep 2011 05:24:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: libc X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: robert.ancell at gmail dot com X-Bugzilla-Status: NEW X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: drepper.fsp at gmail dot com X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: Message-ID: X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: glibc-bugs-owner@sourceware.org X-SW-Source: 2011-09/txt/msg00126.txt.bz2 http://sourceware.org/bugzilla/show_bug.cgi?id=13231 Bug #: 13231 Summary: setenv ("NAME", NULL) corrupts environment Product: glibc Version: unspecified Status: NEW Severity: normal Priority: P2 Component: libc AssignedTo: drepper.fsp@gmail.com ReportedBy: robert.ancell@gmail.com Classification: Unclassified Created attachment 5948 --> http://sourceware.org/bugzilla/attachment.cgi?id=5948 Proposed patch, which treats NULL value as "" (which I think is what the current code intends). setenv ("NAME", NULL) corrupts the environment. It doesn't seem specified what the function should do when value is NULL, but the code does check for it - it just does the wrong thing: stdlib/setenv.c: ... __add_to_environ (name, value, combined, replace) ... const size_t vallen = value != NULL ? strlen (value) + 1 : 0; ... memcpy (new_value, name, namelen); new_value[namelen] = '='; memcpy (&new_value[namelen + 1], value, vallen); ... i.e. the new value is set to "NAME=" without the trailing nul character. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.