[Bug libc/30932] New: Fortify Source has false-positives when too many files are open

[Bug libc/30932] New: Fortify Source has false-positives when too many files are open

[volker.weissmann at gmx dot de]

https://sourceware.org/bugzilla/show_bug.cgi?id=30932

            Bug ID: 30932
           Summary: Fortify Source has false-positives when too many files
                    are open
           Product: glibc
           Version: 2.38
            Status: UNCONFIRMED
          Severity: minor
          Priority: P2
         Component: libc
          Assignee: unassigned at sourceware dot org
          Reporter: volker.weissmann at gmx dot de
                CC: drepper.fsp at gmail dot com
  Target Milestone: ---

Let's say you are writing a program that read/writes from files in a loop:
```
#include <assert.h>
#include <fcntl.h>
#include <stdio.h>
int main() {
  for (int i = 0; i < 10000; i++) {
    FILE *file = fopen("/dev/zero", "r");
    assert(file != NULL);
    // read from file
    fclose(file);
  }
}
```
The code above works perfectly fine. But let's say you forgot the fclose. Since
linux has a limit on the maximum of open files, it will crash with this
message:
```
a.out: main.c:7: main: Assertion `file != NULL' failed.
Aborted (core dumped)
```
Which is exactly what should happen. If however glibc was build with
--enable-fortify-source (i.e. -D_FORTIFY_SOURCE=2) (e.g. the glibc of Archlinux
is build with --enable-fortify-source) the error messages becomes:
```
*** %n in writable segment detected ***
Aborted (core dumped)
```
I don't like this, since it made debugging harder, especially because the new
error message no longer includes `main.c:7`.

I will send a patch for this to the mailing list today.

I found this bug while using glibc 2.38-5 as shipped by ArchLinux and I
reproduced it with the master branch (d90b43a4ed475dac5b0cd6e01ceb35c7b0f7f2ff)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug libc/30932] Fortify Source has false-positives when too many files are open

[cvs-commit at gcc dot gnu.org]

https://sourceware.org/bugzilla/show_bug.cgi?id=30932

--- Comment #1 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Adhemerval Zanella
<azanella@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=be7a5468d4f694ee8d052b537141f51af43ca7f2

commit be7a5468d4f694ee8d052b537141f51af43ca7f2
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date:   Tue Oct 3 15:09:36 2023 -0300

    debug: Add regression tests for BZ 30932

    Checked on x86_64-linux-gnu.
    Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug libc/30932] Fortify Source has false-positives when too many files are open

[adhemerval.zanella at linaro dot org]

https://sourceware.org/bugzilla/show_bug.cgi?id=30932

Adhemerval Zanella <adhemerval.zanella at linaro dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
                 CC|                            |adhemerval.zanella at linaro dot o
                   |                            |rg
             Status|UNCONFIRMED                 |RESOLVED
   Target Milestone|---                         |2.39
           Assignee|unassigned at sourceware dot org   |adhemerval.zanella at linaro dot o
                   |                            |rg

--- Comment #2 from Adhemerval Zanella <adhemerval.zanella at linaro dot org> ---
Fixed on 2.39.

-- 
You are receiving this mail because:
You are on the CC list for the bug.