public inbox for glibc-bugs@sourceware.org
* [Bug dynamic-link/28395] New: result.val is aligned  malloc pointer,  may not be check NULL in allocate_and_init()
From: wangxuszcn at foxmail dot com @ 2021-09-29  4:00 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=28395

            Bug ID: 28395
           Summary: result.val is aligned  malloc pointer, may not be
                    check NULL in allocate_and_init()
           Product: glibc
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: dynamic-link
          Assignee: unassigned at sourceware dot org
          Reporter: wangxuszcn at foxmail dot com
  Target Milestone: ---

diff --git a/elf/dl-tls.c b/elf/dl-tls.c
index 34d6f34..1b7d38a 100644
--- a/elf/dl-tls.c
+++ b/elf/dl-tls.c
@@ -606,7 +609,7 @@ allocate_and_init (struct link_map *map)
 {
   struct dtv_pointer result = allocate_dtv_entry
     (map->l_tls_align, map->l_tls_blocksize);
-  if (result.val == NULL)
+  /*result.val is aligned  malloc pointer, using to_free instead.*/
+  if (result.to_free == NULL)
     oom ();

   /* Initialize the memory.  */
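
Review bot: In allocate_and_init, the switch from "result.val == NULL" to "result.to_free == NULL" is not justified by anything in this hunk: no path is shown where allocate_dtv_entry returns a NULL to_free together with a non-NULL val, and only that case would change whether oom () is reached. Please point to such a path in the description, or drop the change. Two smaller points: the new comment should follow the spacing of the neighbouring "/* Initialize the memory.  */", and the header "@@ -606,7 +609,7 @@" gives a new-side count of 7 although the hunk removes one line and adds two, so the new side has 8 lines.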

-- 
You are receiving this mail because:
You are on the CC list for the bug.


* [Bug dynamic-link/28395] result.val is aligned  malloc pointer, may not be check NULL in allocate_and_init()
From: schwab@linux-m68k.org @ 2021-09-29  7:38 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=28395

--- Comment #1 from Andreas Schwab <schwab@linux-m68k.org> ---
When does this make a difference?


* [Bug dynamic-link/28395] result.val is aligned  malloc pointer, may not be check NULL in allocate_and_init()
From: wangxuszcn at foxmail dot com @ 2021-09-30  4:25 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=28395

--- Comment #2 from wangxu <wangxuszcn at foxmail dot com> ---
(In reply to Andreas Schwab from comment #1)
> When does this make a difference?

The original pointer of the buffer allocated in allocate_dtv_entry() is assigned to
.to_free, while .val is the aligned pointer of the buffer.

/* Allocate one DTV entry.  */
static struct dtv_pointer allocate_dtv_entry (size_t alignment, size_t size)
{

  ......
  void *start = malloc (alloc_size);
  /* Find the aligned position within the larger allocation.  */
  void *aligned = (void *) roundup ((uintptr_t) start, alignment);

  return (struct dtv_pointer) { .val = aligned, .to_free = start };
}


* [Bug dynamic-link/28395] result.val is aligned  malloc pointer, may not be check NULL in allocate_and_init()
From: fweimer at redhat dot com @ 2021-09-30 17:14 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=28395

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fweimer at redhat dot com

--- Comment #3 from Florian Weimer <fweimer at redhat dot com> ---
If malloc fails, both pointers are zero:

      /* The alignment is supported by malloc.  */
      void *ptr = malloc (size);
      return (struct dtv_pointer) { ptr, ptr };

And later:

  void *start = malloc (alloc_size);
  if (start == NULL)
    return (struct dtv_pointer) {};

So I do not think this patch is needed.


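The invariant that comment 3 relies on, as an added example that is neither glibc code nor part of the thread: a small model of the over-allocate-then-align pattern, run with a fault-injecting allocator. The names dtv_model, model_malloc, fail_next_alloc, round_up, model_allocate_entry and checks_agree, and the size + alignment sizing, are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for glibc's struct dtv_pointer.  */
struct dtv_model { void *val; void *to_free; };

/* Fault injection (assumption): nonzero makes the next allocation fail.  */
static int fail_next_alloc;

static void *model_malloc (size_t size)
{
  if (!fail_next_alloc)
    return malloc (size);
  fail_next_alloc = 0;
  return NULL;
}

/* Round ADDR up to a multiple of ALIGNMENT, which must be a power of two.  */
static uintptr_t round_up (uintptr_t addr, size_t alignment)
{
  return (addr + alignment - 1) & ~((uintptr_t) alignment - 1);
}

/* Over-allocate, then align inside the block.  The size + alignment sizing
   is an assumption; the failure path mirrors the one quoted in comment 3.  */
static struct dtv_model model_allocate_entry (size_t alignment, size_t size)
{
  void *start = model_malloc (size + alignment);
  if (start == NULL)
    return (struct dtv_model) { 0 };
  void *aligned = (void *) round_up ((uintptr_t) start, alignment);
  return (struct dtv_model) { .val = aligned, .to_free = start };
}

/* 1 when the old check (val) and the proposed check (to_free) agree.  */
static int checks_agree (struct dtv_model r)
{
  return (r.val == NULL) == (r.to_free == NULL);
}

int main (void)
{
  struct dtv_model ok = model_allocate_entry (64, 100);
  fail_next_alloc = 1;
  struct dtv_model bad = model_allocate_entry (64, 100);
  printf ("success agree=%d, failure agree=%d\n", checks_agree (ok), checks_agree (bad));
  free (ok.to_free);
  return 0;
}
```

In this model rounding a zero address up also yields zero, so val and to_free are NULL together on the failure path and the two checks select the same cases.
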
* [Bug dynamic-link/28395] result.val is aligned  malloc pointer, may not be check NULL in allocate_and_init()
From: fweimer at redhat dot com @ 2024-01-11  8:56 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=28395

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |NOTABUG
             Status|UNCONFIRMED                 |RESOLVED

--- Comment #4 from Florian Weimer <fweimer at redhat dot com> ---
Closing per comment 3.

