public inbox for glibc-bugs@sourceware.org
* [Bug libc/18873] New: posix_fallocate overflow check ineffective
@ 2015-08-26  0:52 eggert at gnu dot org
  2015-08-26  6:46 ` [Bug libc/18873] " fweimer at redhat dot com
                   ` (6 more replies)
  0 siblings, 7 replies; 8+ messages in thread
From: eggert at gnu dot org @ 2015-08-26  0:52 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=18873

            Bug ID: 18873
           Summary: posix_fallocate overflow check ineffective
           Product: glibc
           Version: 2.22
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
          Assignee: unassigned at sourceware dot org
          Reporter: eggert at gnu dot org
                CC: drepper.fsp at gmail dot com
  Target Milestone: ---

Created attachment 8554
  --> https://sourceware.org/bugzilla/attachment.cgi?id=8554&action=edit
Fix broken overflow check in posix_fallocate

A Coverity scan found typos in the recent changes to posix_fallocate that
render the overflow check ineffective.  GCC no doubt just optimizes it away. 
Proposed patch attached.

-- 
You are receiving this mail because:
You are on the CC list for the bug.



* [Bug libc/18873] posix_fallocate overflow check ineffective
From: fweimer at redhat dot com @ 2015-08-26  6:46 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=18873

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fweimer at redhat dot com
              Flags|                            |security-


* [Bug libc/18873] posix_fallocate overflow check ineffective
From: carlos at redhat dot com @ 2015-08-28  1:16 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=18873

Carlos O'Donell <carlos at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |carlos at redhat dot com

--- Comment #1 from Carlos O'Donell <carlos at redhat dot com> ---
Looks good to me. I don't know what actually happens in the original case, I'd
have to track down the assembly and see what it does. However, the patch is
obviously what's intended e.g. sum of two unsigned values.


* [Bug libc/18873] posix_fallocate overflow check ineffective
From: fweimer at redhat dot com @ 2015-08-31 16:14 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=18873

--- Comment #2 from Florian Weimer <fweimer at redhat dot com> ---
I looked at the disassembly before the alleged fix, and the overflow check was
optimized out there as well, so no regression.


* [Bug libc/18873] posix_fallocate overflow check ineffective
From: cvs-commit at gcc dot gnu.org @ 2015-08-31 16:16 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=18873

--- Comment #3 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  543ef578c3304661713950b37abd0c916f52ecf0 (commit)
      from  3f563e90e85cb378f9f40e6a10bc50b309b39ab1 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=543ef578c3304661713950b37abd0c916f52ecf0

commit 543ef578c3304661713950b37abd0c916f52ecf0
Author: Paul Eggert <eggert@cs.ucla.edu>
Date:   Tue Aug 25 23:42:01 2015 -0700

    Fix broken overflow check in posix_fallocate [BZ 18873]

    * sysdeps/posix/posix_fallocate.c (posix_fallocate):
    * sysdeps/posix/posix_fallocate64.c (__posix_fallocate64_l64):
    Fix parenthesization typo.

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                         |    8 ++++++++
 NEWS                              |    2 +-
 sysdeps/posix/posix_fallocate.c   |    2 +-
 sysdeps/posix/posix_fallocate64.c |    2 +-
 4 files changed, 11 insertions(+), 3 deletions(-)

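The thread does not quote the affected lines. As an added illustration (not the glibc source or the attached patch), the C below shows how a misplaced parenthesis in a check of the kind described, a sum of two unsigned values tested for a negative result, makes the test always false. The function names, the use of int64_t in place of off_t, and the sample inputs are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Typo form: the outer cast closes after `offset`, so the expression is
   int64_t + uint64_t.  C converts both operands to uint64_t, the sum is
   unsigned, and "unsigned < 0" is always false.  The compiler may delete
   the branch entirely; -Wtype-limits (part of -Wextra) reports it.  */
static int overflows_typo(int64_t offset, int64_t len)
{
    return (int64_t) ((uint64_t) offset) + ((uint64_t) len) < 0;
}

/* Intended form: add as unsigned (wraparound is defined), then view the
   sum as signed.  Converting a value above INT64_MAX to int64_t is
   implementation-defined; GCC and Clang wrap, giving a negative result.  */
static int overflows_cast(int64_t offset, int64_t len)
{
    return (int64_t) ((uint64_t) offset + (uint64_t) len) < 0;
}

/* Portable form for non-negative inputs: no conversion tricks, so there
   is nothing for the optimizer to fold away.  */
static int overflows_portable(int64_t offset, int64_t len)
{
    return len > INT64_MAX - offset;
}

int main(void)
{
    /* Constructed inputs: the last two ranges end past INT64_MAX.  */
    static const int64_t cases[][2] = {
        { 0, 4096 }, { INT64_MAX - 1, 1 }, { INT64_MAX, 1 },
        { INT64_MAX / 2 + 1, INT64_MAX / 2 + 1 },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int64_t off = cases[i][0], len = cases[i][1];
        printf("offset=%lld len=%lld typo=%d cast=%d portable=%d\n",
               (long long) off, (long long) len, overflows_typo(off, len),
               overflows_cast(off, len), overflows_portable(off, len));
    }
    return 0;
}
```

Building with -Wextra makes GCC flag the always-false comparison in the typo form, which is a cheap way to catch this class of mistake before it ships.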

* [Bug libc/18873] posix_fallocate overflow check ineffective
From: fweimer at redhat dot com @ 2015-08-31 16:16 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=18873

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #4 from Florian Weimer <fweimer at redhat dot com> ---
Fixed in glibc 2.23.


* [Bug libc/18873] posix_fallocate overflow check ineffective
From: eggert at gnu dot org @ 2015-08-31 17:23 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=18873

--- Comment #5 from Paul Eggert <eggert at gnu dot org> ---
Florian, thank you for doing the legwork on this and the other Coverity-related
patches.


* [Bug libc/18873] posix_fallocate overflow check ineffective
From: jsm28 at gcc dot gnu.org @ 2015-10-29 17:05 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=18873

Joseph Myers <jsm28 at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|---                         |2.23
