From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=dCu7=CZ=redhat.com=josimmon@sourceware.org>
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	by sourceware.org (Postfix) with ESMTPS id 440C038582AC
	for <libc-alpha@sourceware.org>; Fri,  7 Jul 2023 20:04:05 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 440C038582AC
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1688760244;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=d7euySAe+3hO9KicqNOuyT/yUaxLLGrsjU+xag0TjD8=;
	b=YXE54zhMGghV+xoHIBXYj4bME/Pfbx5CUEGgpN6T1JqaiwjYopJt5/GAIFFHvc/9Bdq6mb
	hzNuLKitdN9KZo3CCgJZcrNKxD0mYSnB30huaO4yBj+Iwg4iLunrQ3nCRclW6YPy/Po2gN
	KodexnOQEXPNdvXvEf8PGOBJpEM9OVc=
Received: from mail-qv1-f70.google.com (mail-qv1-f70.google.com
 [209.85.219.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-470-y0w5Pm1JMvORFAs8cwoEPw-1; Fri, 07 Jul 2023 16:04:03 -0400
X-MC-Unique: y0w5Pm1JMvORFAs8cwoEPw-1
Received: by mail-qv1-f70.google.com with SMTP id 6a1803df08f44-635a3b9d24eso21488816d6.0
        for <libc-alpha@sourceware.org>; Fri, 07 Jul 2023 13:04:03 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20221208; t=1688760243; x=1691352243;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=d7euySAe+3hO9KicqNOuyT/yUaxLLGrsjU+xag0TjD8=;
        b=Q+KsZ79OyYLnoiIZ3Y/U1PU0tCTjys9y7ZXJRjto8mRfaPFdM6Nqt86SoamhoC/UZ3
         lky4K2TGNrlXl8We96awJrXzW6+80NCRmswdWi8LNCmM0eUrFthqmyzcvMXtei0oTT5p
         h34i2iK1Em6jWULqNSaifXdPsCHcCEBC5+Ub2Vce4QDuB6GI74LbxEW7lYjILosDffnG
         i61cl4XAXxZk64cQfmi+WYTazOz8ktHIiXmOX6g8YOsHXD6CSvSw85GR//NS0r8w2F9W
         HI9hGYSYQLjMQACCWpWXRur+QKWe89tZACAM8VUQxdoeITHTBuMLg3UbRVTTt4qE1yNQ
         jcFQ==
X-Gm-Message-State: ABy/qLZRlpo8e6W0CmOKxOMnu5i0XqkUF8itDwgu04Od1Ly2GLNHsgK5
	Pez1SZrixR1lw8YG/hyavaG2E5slo/Ztdc5aEPCJ6HVtdpVEDeOJrg53fd8ceHi8rCi8ZaR6X3z
	zPVmfG/uDsCn1XJby2Gqao2FYujB2U2l3ZQWRhytRP3Rtj6xQMAQsw/qfXl+dUkDYfbb8OtBJuj
	Ul7IZq
X-Received: by 2002:a0c:e403:0:b0:625:aa49:19f2 with SMTP id o3-20020a0ce403000000b00625aa4919f2mr4815832qvl.63.1688760242829;
        Fri, 07 Jul 2023 13:04:02 -0700 (PDT)
X-Google-Smtp-Source: APBJJlFaNrt3IH6a8UyGgl3gPW43mFMK36p1k7SGxorQtrUS6ReHtM8voGadfjKA4/fu3rzF53cp6Q==
X-Received: by 2002:a0c:e403:0:b0:625:aa49:19f2 with SMTP id o3-20020a0ce403000000b00625aa4919f2mr4815811qvl.63.1688760242523;
        Fri, 07 Jul 2023 13:04:02 -0700 (PDT)
Received: from oak.redhat.com (c-71-206-142-238.hsd1.va.comcast.net. [71.206.142.238])
        by smtp.gmail.com with ESMTPSA id u1-20020a0cf1c1000000b00630182f0191sm2438341qvl.1.2023.07.07.13.04.01
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 07 Jul 2023 13:04:02 -0700 (PDT)
From: Joe Simmons-Talbott <josimmon@redhat.com>
To: libc-alpha@sourceware.org
Cc: Joe Simmons-Talbott <josimmon@redhat.com>
Subject: [PATCH] getpw: Get rid of alloca
Date: Fri,  7 Jul 2023 16:04:00 -0400
Message-Id: <20230707200400.378096-1-josimmon@redhat.com>
X-Mailer: git-send-email 2.40.1
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"; x-default=true
X-Spam-Status: No, score=-12.5 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,KAM_SHORT,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <libc-alpha.sourceware.org>

Use a scratch_buffer rather than alloca to avoid potential stack
overflow.
---
 pwd/getpw.c | 34 +++++++++++++++++++++++++++-------
 1 file changed, 27 insertions(+), 7 deletions(-)

diff --git a/pwd/getpw.c b/pwd/getpw.c
index cf747374b8..7a27d79910 100644
--- a/pwd/getpw.c
+++ b/pwd/getpw.c
@@ -15,8 +15,8 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
-#include <alloca.h>
 #include <errno.h>
+#include <scratch_buffer.h>
 #include <stdio.h>
 #include <unistd.h>
 #include <pwd.h>
@@ -34,28 +34,48 @@ __getpw (__uid_t uid, char *buf)
   size_t buflen;
   char *tmpbuf;
   struct passwd resbuf, *p;
+  int retval = 0;
+  struct scratch_buffer sbuf;
+  scratch_buffer_init (&sbuf);
 
   if (buf == NULL)
     {
       __set_errno (EINVAL);
-      return -1;
+      retval =  -1;
+      goto error_out;
     }
 
   buflen = __sysconf (_SC_GETPW_R_SIZE_MAX);
-  tmpbuf = alloca (buflen);
+  if (!scratch_buffer_set_array_size (&sbuf, 1, buflen))
+    {
+      retval = -1;
+      goto error_out;
+    }
+  tmpbuf = sbuf.data;
 
   if (__getpwuid_r (uid, &resbuf, tmpbuf, buflen, &p) != 0)
-    return -1;
+    {
+      retval = -1;
+      goto error_out;
+    }
 
   if (p == NULL)
-    return -1;
+    {
+      retval = -1;
+      goto error_out;
+    }
 
   if (sprintf (buf, "%s:%s:%lu:%lu:%s:%s:%s", p->pw_name, p->pw_passwd,
 	       (unsigned long int) p->pw_uid, (unsigned long int) p->pw_gid,
 	       p->pw_gecos, p->pw_dir, p->pw_shell) < 0)
-    return -1;
+    {
+      retval = -1;
+      goto error_out;
+    }
 
-  return 0;
+error_out:
+  scratch_buffer_free (&sbuf);
+  return retval;
 }
 weak_alias (__getpw, getpw)
 
-- 
2.39.2