From: "nickolai at csail dot mit.edu"
To: glibc-bugs@sourceware.org
Subject: [Bug libc/15002] New: Avoid undefined behavior in posix_fallocate overflow check
Date: Tue, 08 Jan 2013 04:58:00 -0000

http://sourceware.org/bugzilla/show_bug.cgi?id=15002

             Bug #: 15002
           Summary: Avoid undefined behavior in posix_fallocate overflow check
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: unassigned@sourceware.org
        ReportedBy: nickolai@csail.mit.edu
                CC: drepper.fsp@gmail.com
    Classification: Unclassified

Created attachment 6802
  --> http://sourceware.org/bugzilla/attachment.cgi?id=6802
proposed fix

posix_fallocate relies on wraparound to check whether offset + len
overflows. As both are signed values, this is undefined behavior in C,
and some compilers (e.g., gcc-4.7.2) will optimize away the
if (offset + len < 0) check as dead code, since it is already known
that offset >= 0 and len >= 0.

The attached patch replaces the check with one that does not rely on
undefined behavior.
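The overflow check described in the report above, as an added example that is not part of the original message and is not the attached patch: the wraparound form next to two forms that never evaluate an overflowing signed addition. The type xoff_t, the macro XOFF_MAX, the function names and the EINVAL/EFBIG return values are assumptions made for illustration; __builtin_add_overflow is a GCC/Clang builtin.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: fixed 64-bit stand-in for off_t, so the limit is known. */
typedef int64_t xoff_t;
#define XOFF_MAX INT64_MAX

/* The pattern the report describes. If offset + len exceeds XOFF_MAX the
   addition is undefined behavior, and since both operands are already
   known to be >= 0 the compiler may treat the second test as dead code.
   Kept for comparison; never call it with operands whose sum overflows. */
int check_wraparound(xoff_t offset, xoff_t len)
{
    if (offset < 0 || len < 0)
        return EINVAL;
    if (offset + len < 0)
        return EFBIG;
    return 0;
}

/* Same intent without overflow: offset >= 0 here, so XOFF_MAX - offset
   stays in range and the comparison is always well defined. */
int check_subtract(xoff_t offset, xoff_t len)
{
    if (offset < 0 || len < 0)
        return EINVAL;
    if (len > XOFF_MAX - offset)
        return EFBIG;
    return 0;
}

/* Alternative using the GCC/Clang builtin, which reports overflow
   instead of relying on the wrapped result. */
int check_builtin(xoff_t offset, xoff_t len)
{
    xoff_t end;
    if (offset < 0 || len < 0)
        return EINVAL;
    if (__builtin_add_overflow(offset, len, &end))
        return EFBIG;
    return 0;
}

int main(void)
{
    printf("overflow rejected: %d\n", check_subtract(XOFF_MAX, 1) == EFBIG);
    return 0;
}
```

Comparing the optimized assembly of check_wraparound with that of check_subtract (for instance with gcc -O2 -S) shows whether a given compiler has dropped the second test.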