From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oa1-x34.google.com (mail-oa1-x34.google.com [IPv6:2001:4860:4864:20::34]) by sourceware.org (Postfix) with ESMTPS id E2FD63858D20 for ; Fri, 14 Apr 2023 11:02:21 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org E2FD63858D20 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org Received: by mail-oa1-x34.google.com with SMTP id 586e51a60fabf-183f4efa98aso27578920fac.2 for ; Fri, 14 Apr 2023 04:02:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1681470141; x=1684062141; h=to:in-reply-to:cc:references:message-id:date:subject:mime-version :from:content-transfer-encoding:from:to:cc:subject:date:message-id :reply-to; bh=yPlVbZ+40dZoQ0vMMKecsD9bD7ILGtY+a33Ei8VhOJ0=; b=aBIk78xsCrh3or59RpAFFujgDjksNzc7nspZBEE3SAB0LPrDHya8/9dpZ+MSZahDug dNdnX38uz7sNLJlaM4I3GN8cTEvCFWagOLvjApzxYzvdAm1wbnYQ0z5rJH0rn28mAUVr XvVRM3MAuUVJyN91iqwGesNqwyEeh2iSWVuNxkuiCDg23Ltoc0uPuup4UF7qERmv6CCU VYc2Wwo6e5p7ouZyQ06hSsbWAkCRJI1tDMyYlWSfDt/XnKj8hBvL5688wbdcA6RXFFZl VQtASXFlr9FtPcxoHCxw+KG4Nohdt4Ym9iAgqtXZHHl4BDenZNkgaSH+etzimmPrjDC8 USKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681470141; x=1684062141; h=to:in-reply-to:cc:references:message-id:date:subject:mime-version :from:content-transfer-encoding:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yPlVbZ+40dZoQ0vMMKecsD9bD7ILGtY+a33Ei8VhOJ0=; b=VjQ0ckjEc4ezNqnjbuV9JoYJPdACJCAyaf2kJC0QseuwQom6TfSTYPJMw0O9N+Yj0N 7Dpsitro9Lzi5vpiTZ1vQHx6qG5L4P8nf+eASyAvsVnBLJ4eEbsQoQJ50PXgy1L690RF X2DIMJy7gzanX6f4+ctEc7f0S9L8DQOUGu3HCArWMfJ5JzHuFPu9UFXtrA7dzpEwOcvD 0lWwSslsdZv8e3x3j2J1rCpkaeZA5bqUnWoH7brcVxF4A9YJNKUnHKdB1V6oybSPISjp Z4Q2IeSSEZ7hRe/R/+xy201L09fPgsqikpO/AtnyISoP87aE+MiJNMDzhDVSIby2J55s 2cjg== X-Gm-Message-State: AAQBX9ctZgRSHR5N/9bHX1kxMR0kcOLkBqM6Ad2vqUEpI0rzAyNjGwJq mmeMRoaAKpbwBXIduZJnTmLET7lC1TdAhn6pLWXuXw== X-Google-Smtp-Source: AKy350YyMgsKfHKKIIfIx8DoQ8g13SiekTXWoWOz8yshxR+cettlIzOEZ4rTcfMYuh2XOauPgRV8kQ== X-Received: by 2002:a05:6870:f2a5:b0:17a:ccda:5c04 with SMTP id u37-20020a056870f2a500b0017accda5c04mr3131324oap.14.1681470141213; Fri, 14 Apr 2023 04:02:21 -0700 (PDT) Received: from smtpclient.apple ([2804:1b3:a7c2:55a1:80b1:e5ea:7545:c78]) by smtp.gmail.com with ESMTPSA id t62-20020a4a5441000000b005413e617935sm1563798ooa.15.2023.04.14.04.02.20 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 14 Apr 2023 04:02:20 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From: Adhemerval Zanella Mime-Version: 1.0 (1.0) Subject: Re: [glibc] malloc: Assure that THP mode is always null terminated Date: Fri, 14 Apr 2023 08:02:07 -0300 Message-Id: References: <87fs93lzuj.fsf@linux-m68k.org> Cc: Adhemerval Zanella via Glibc-cvs , Adhemerval Zanella In-Reply-To: <87fs93lzuj.fsf@linux-m68k.org> To: Andreas Schwab X-Mailer: iPhone Mail (20E252) X-Spam-Status: No, score=-12.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: > On 14 Apr 2023, at 03:52, Andreas Schwab wrote: >=20 > =EF=BB=BFOn Apr 13 2023, Adhemerval Zanella via Glibc-cvs wrote: >=20 >> diff --git a/sysdeps/unix/sysv/linux/malloc-hugepages.c b/sysdeps/unix/sy= sv/linux/malloc-hugepages.c >> index 683d68c327..740027ebfb 100644 >> --- a/sysdeps/unix/sysv/linux/malloc-hugepages.c >> +++ b/sysdeps/unix/sysv/linux/malloc-hugepages.c >> @@ -61,6 +61,7 @@ __malloc_thp_mode (void) >>=20 >> char str[sizeof(mode_always)]; >> ssize_t s =3D __read_nocancel (fd, str, sizeof (str)); >> + str[s] =3D '\0'; >=20 > This is a buffer overflow if s >=3D sizeof (str) or s < 0. Indeed, thanks for catching it. I will fix it.