From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1105) id 729733858425; Thu, 22 Dec 2022 19:37:26 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 729733858425 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1671737846; bh=Bj0oapFvMDOTj78Rh855ruxPZLM9LuSLvbF9XQz5Qkg=; h=From:To:Subject:Date:From; b=rI1orGIFb1PdhIxbaq3SfDsOp82R9WYFOOp4uQeD3+SW5Q9AhCKRzL7nleFGWn0wd ZCfMUz+A4lHp6kLFNQbv3NElb6jOuWCb73Q3TzdFfjWvGVSzD2QB6QW5EjkhEPk/j5 En8N+QJ2LydhB5ic0C9WLR6nFvqsKEm91G4n4tqs= Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Joseph Myers To: glibc-cvs@sourceware.org Subject: [glibc] Avoid use of atoi in malloc X-Act-Checkin: glibc X-Git-Author: Joseph Myers X-Git-Refname: refs/heads/master X-Git-Oldrev: 3c66c9600e285a42f042dd596859664b1d1372a7 X-Git-Newrev: c923cd8c496c7f253f327361a65c737233c7ebbd Message-Id: <20221222193726.729733858425@sourceware.org> Date: Thu, 22 Dec 2022 19:37:26 +0000 (GMT) List-Id: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c923cd8c496c7f253f327361a65c737233c7ebbd commit c923cd8c496c7f253f327361a65c737233c7ebbd Author: Joseph Myers Date: Thu Dec 22 19:37:09 2022 +0000 Avoid use of atoi in malloc This patch is analogous to commit a3708cf6b0a5a68e2ed1ce3db28a03ed21d368d2. atoi has undefined behavior on out-of-range input, which makes it problematic to use anywhere in glibc that might be processing input out-of-range for atoi but not specified to produce undefined behavior for the function calling atoi. In conjunction with the C2x strtol changes, use of atoi in libc can also result in localplt test failures because the redirection for strtol does not interact properly with the libc_hidden_proto call for __isoc23_strtol for the call in the inline atoi implementation. In malloc/arena.c, this issue shows up for atoi calls that are only compiled for --disable-tunables (thus with the x86_64-linux-gnu-minimal configuration of build-many-glibcs.py, for example). Change those atoi calls to use strtol directly, as in the previous such changes. Tested for x86_64 (--disable-tunables). Diff: --- malloc/arena.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/malloc/arena.c b/malloc/arena.c index f381f18371..840129e956 100644 --- a/malloc/arena.c +++ b/malloc/arena.c @@ -386,34 +386,39 @@ ptmalloc_init (void) if (!__builtin_expect (__libc_enable_secure, 0)) { if (memcmp (envline, "TOP_PAD_", 8) == 0) - __libc_mallopt (M_TOP_PAD, atoi (&envline[9])); + __libc_mallopt (M_TOP_PAD, strtol (&envline[9], NULL, 10)); else if (memcmp (envline, "PERTURB_", 8) == 0) - __libc_mallopt (M_PERTURB, atoi (&envline[9])); + __libc_mallopt (M_PERTURB, strtol (&envline[9], NULL, 10)); } break; case 9: if (!__builtin_expect (__libc_enable_secure, 0)) { if (memcmp (envline, "MMAP_MAX_", 9) == 0) - __libc_mallopt (M_MMAP_MAX, atoi (&envline[10])); + __libc_mallopt (M_MMAP_MAX, strtol (&envline[10], + NULL, 10)); else if (memcmp (envline, "ARENA_MAX", 9) == 0) - __libc_mallopt (M_ARENA_MAX, atoi (&envline[10])); + __libc_mallopt (M_ARENA_MAX, strtol (&envline[10], + NULL, 10)); } break; case 10: if (!__builtin_expect (__libc_enable_secure, 0)) { if (memcmp (envline, "ARENA_TEST", 10) == 0) - __libc_mallopt (M_ARENA_TEST, atoi (&envline[11])); + __libc_mallopt (M_ARENA_TEST, strtol (&envline[11], + NULL, 10)); } break; case 15: if (!__builtin_expect (__libc_enable_secure, 0)) { if (memcmp (envline, "TRIM_THRESHOLD_", 15) == 0) - __libc_mallopt (M_TRIM_THRESHOLD, atoi (&envline[16])); + __libc_mallopt (M_TRIM_THRESHOLD, strtol (&envline[16], + NULL, 10)); else if (memcmp (envline, "MMAP_THRESHOLD_", 15) == 0) - __libc_mallopt (M_MMAP_THRESHOLD, atoi (&envline[16])); + __libc_mallopt (M_MMAP_THRESHOLD, strtol (&envline[16], + NULL, 10)); } break; default: