public inbox for glibc-bugs@sourceware.org
* [Bug dynamic-link/28395] New: result.val is aligned malloc pointer, may not be check NULL in allocate_and_init()
@ 2021-09-29 4:00 wangxuszcn at foxmail dot com
2021-09-29 7:38 ` [Bug dynamic-link/28395] " schwab@linux-m68k.org
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: wangxuszcn at foxmail dot com @ 2021-09-29 4:00 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28395
Bug ID: 28395
Summary: result.val is aligned malloc pointer, may not be
check NULL in allocate_and_init()
Product: glibc
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: dynamic-link
Assignee: unassigned at sourceware dot org
Reporter: wangxuszcn at foxmail dot com
Target Milestone: ---
diff --git a/elf/dl-tls.c b/elf/dl-tls.c
index 34d6f34..1b7d38a 100644
--- a/elf/dl-tls.c
+++ b/elf/dl-tls.c
@@ -606,7 +609,7 @@ allocate_and_init (struct link_map *map)
{
struct dtv_pointer result = allocate_dtv_entry
(map->l_tls_align, map->l_tls_blocksize);
- if (result.val == NULL)
+ /*result.val is aligned malloc pointer, using to_free instead.*/
+ if (result.to_free == NULL)
oom ();
/* Initialize the memory. */
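Review bot: The replacement check `if (result.to_free == NULL)` needs a stated failure case. Nothing in this hunk shows allocate_dtv_entry returning a NULL to_free together with a non-NULL val, so either describe when the two fields can disagree or keep the existing `result.val == NULL` test. The added comment should also follow the surrounding style, with a space after `/*` and before `*/` as in `/* Initialize the memory. */`, and should say why to_free is the field to test rather than only that it is used.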
--
You are receiving this mail because:
You are on the CC list for the bug.
* [Bug dynamic-link/28395] result.val is aligned malloc pointer, may not be check NULL in allocate_and_init()
From: schwab@linux-m68k.org @ 2021-09-29 7:38 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28395
--- Comment #1 from Andreas Schwab <schwab@linux-m68k.org> ---
When does this make a difference?
* [Bug dynamic-link/28395] result.val is aligned malloc pointer, may not be check NULL in allocate_and_init()
From: wangxuszcn at foxmail dot com @ 2021-09-30 4:25 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28395
--- Comment #2 from wangxu <wangxuszcn at foxmail dot com> ---
(In reply to Andreas Schwab from comment #1)
> When does this make a difference?
The original pointer of the buffer allocated in allocate_dtv_entry() is assigned to
.to_free, while .val is the aligned pointer of the buffer.

  /* Allocate one DTV entry. */
  static struct dtv_pointer allocate_dtv_entry (size_t alignment, size_t size)
  {
    ......
    void *start = malloc (alloc_size);
    /* Find the aligned position within the larger allocation. */
    void *aligned = (void *) roundup ((uintptr_t) start, alignment);
    return (struct dtv_pointer) { .val = aligned, .to_free = start };
  }
* [Bug dynamic-link/28395] result.val is aligned malloc pointer, may not be check NULL in allocate_and_init()
From: fweimer at redhat dot com @ 2021-09-30 17:14 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28395
Florian Weimer <fweimer at redhat dot com> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fweimer at redhat dot com
--- Comment #3 from Florian Weimer <fweimer at redhat dot com> ---
If malloc fails, both pointers are zero:

  /* The alignment is supported by malloc. */
  void *ptr = malloc (size);
  return (struct dtv_pointer) { ptr, ptr };

And later:

  void *start = malloc (alloc_size);
  if (start == NULL)
    return (struct dtv_pointer) {};

So I do not think this patch is needed.
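The equivalence stated in comment #3 can be checked with a small model. This is an added example, not glibc code and not part of the thread. The names `model_allocate_dtv_entry`, `alloc_fn`, `failing_alloc` and `checks_agree` are hypothetical, and the fast-path condition and the `alloc_size` computation are assumptions because the thread elides them.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Simplified model of the struct discussed in the thread. */
struct dtv_pointer { void *val; void *to_free; };

/* Hypothetical allocator hook so an allocation failure can be forced. */
typedef void *(*alloc_fn) (size_t);
static void *failing_alloc (size_t n) { (void) n; return NULL; }

/* Model of allocate_dtv_entry assembled from the fragments quoted in
   comments #2 and #3.  Assumptions: the fast path is taken when the
   alignment does not exceed max_align_t, and alloc_size is
   size + alignment with an overflow check. */
static struct dtv_pointer
model_allocate_dtv_entry (alloc_fn alloc, size_t alignment, size_t size)
{
  if (alignment <= _Alignof (max_align_t))
    {
      /* The alignment is supported by the allocator: one pointer, twice. */
      void *ptr = alloc (size);
      return (struct dtv_pointer) { ptr, ptr };
    }
  size_t alloc_size = size + alignment;
  if (alloc_size < size)        /* Overflow is reported as a failure. */
    return (struct dtv_pointer) { NULL, NULL };
  void *start = alloc (alloc_size);
  if (start == NULL)
    return (struct dtv_pointer) { NULL, NULL };
  /* Find the aligned position within the larger allocation. */
  uintptr_t up = ((uintptr_t) start + alignment - 1) / alignment * alignment;
  return (struct dtv_pointer) { .val = (void *) up, .to_free = start };
}

/* Returns 1 when testing .val and testing .to_free give the same answer. */
static int checks_agree (alloc_fn alloc, size_t alignment, size_t size)
{
  struct dtv_pointer r = model_allocate_dtv_entry (alloc, alignment, size);
  int agree = (r.val == NULL) == (r.to_free == NULL);
  free (r.to_free);
  return agree;
}

int main (void)
{
  /* Exit status 0 when both checks agree on the forced failure path. */
  return checks_agree (failing_alloc, 64, 128) ? 0 : 1;
}
```

In this model every failure return sets both fields to NULL, so the caller's `result.val == NULL` test and the proposed `result.to_free == NULL` test take the same branch.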
* [Bug dynamic-link/28395] result.val is aligned malloc pointer, may not be check NULL in allocate_and_init()
From: fweimer at redhat dot com @ 2024-01-11 8:56 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28395
Florian Weimer <fweimer at redhat dot com> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |NOTABUG
             Status|UNCONFIRMED                 |RESOLVED
--- Comment #4 from Florian Weimer <fweimer at redhat dot com> ---
Closing per comment 3.