From: Joe Simmons-Talbott <josimmon@redhat.com>
To: Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>
Cc: libc-alpha@sourceware.org
Subject: Re: [PATCH] elf: dl-load: Get rid of alloca usage.
Date: Wed, 18 Oct 2023 09:31:51 -0400
Message-ID: <20231018133151.GT4098455@oak>
In-Reply-To: <f206350c-2459-445e-883d-ff0d1f41fa86@linaro.org>

On Tue, Oct 17, 2023 at 02:50:41PM -0300, Adhemerval Zanella Netto wrote:
>
>
> On 02/10/23 10:24, Joe Simmons-Talbott wrote:
> > Replace alloca usage with scratch_buffers. Change the semantics of
> > is_trusted_path_normalize to return 1, 0, or -1 on error.
> > ---
> > elf/dl-load.c | 72 ++++++++++++++++++++++++++++++++++++++++++---------
> > 1 file changed, 60 insertions(+), 12 deletions(-)
> >
> > diff --git a/elf/dl-load.c b/elf/dl-load.c
> > index 2923b1141d..c8e135b6e5 100644
> > --- a/elf/dl-load.c
> > +++ b/elf/dl-load.c
> > @@ -21,6 +21,7 @@
> > #include <errno.h>
> > #include <fcntl.h>
> > #include <libintl.h>
> > +#include <scratch_buffer.h>
> > #include <stdbool.h>
> > #include <stdlib.h>
> > #include <string.h>
> > @@ -124,14 +125,21 @@ static const size_t system_dirs_len[] =
> > };
> > #define nsystem_dirs_len array_length (system_dirs_len)
> >
> > -static bool
> > +static int
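Review bot: At the `-static bool` / `+static int` change, the visible hunk adds no comment stating the new 1, 0, or -1 convention described in the commit message, and any caller that still tests the result as a truth value will treat -1 (the error case) as trusted, because -1 is nonzero. Add a comment above the function listing the three return values, and have every caller compare explicitly (`== 1` for trusted, `< 0` for error) so an allocation failure cannot be read as a trust decision.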
>
> The main problem is that _dl_dst_substitute, which calls is_trusted_path_normalize,
> is not supposed to fail. The expand_dynamic_string_token does handle null,
> but fillin_rpath will just ignore the entry. I think it should
> _dl_signal_error (ENOMEM, ...).
>
> Same for the expand_dst macro, which does not expect _dl_dst_substitute to fail
> with memory allocation.
>
> So I think it would be better to split the patch to first only remove the
> alloca from is_trusted_path_normalize, add memory allocation checks on
> _dl_dst_substitute to return NULL if is_trusted_path_normalize fails to
> allocate memory, and add NULL checks for _dl_dst_substitute callers as well.

I've posted a v2 which hopefully does as you've suggested. I also added
the scratch_buffer_free that was overlooked. Thanks for your review.

Thanks,
Joe
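
The error handling discussed in this thread, as an added example that is not part of the patch or of glibc: a stand-alone path check that returns 1, 0, or -1, using a stack buffer with a heap fallback instead of alloca, and a caller that returns NULL when the allocation fails. The trusted directory list and the names `is_trusted_path`, `substitute`, `alloc_hook` and `fail_alloc` are assumptions made for illustration, and a plain malloc fallback stands in for glibc's internal scratch_buffer.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed trusted directories for this example; each ends in '/'. */
static const char *const trusted[] = { "/lib/", "/usr/lib/" };
/* Hypothetical allocator hook so the failure path can be exercised. */
void *fail_alloc(size_t n) { (void) n; return NULL; }
void *(*alloc_hook)(size_t) = malloc;

/* 1 = trusted after normalization, 0 = not trusted, -1 = allocation failed. */
int is_trusted_path(const char *path, size_t len)
{
  char stackbuf[32], *buf = stackbuf, *w;
  int res = 0;
  if (len == 0 || path[0] != '/')
    return 0;                      /* relative paths are never trusted */
  if (len + 2 > sizeof stackbuf && (buf = alloc_hook(len + 2)) == NULL)
    return -1;                     /* heap fallback failed: report it */
  w = buf;
  for (const char *p = path, *end = path + len; p < end; ) {
    const char *q = p;
    while (q < end && *q != '/')
      q++;                         /* current component is [p, q) */
    size_t n = (size_t) (q - p);
    if (n == 2 && p[0] == '.' && p[1] == '.') {
      while (w > buf && *--w != '/')
        continue;                  /* ".." drops the last component */
    } else if (n != 0 && !(n == 1 && p[0] == '.')) {
      *w++ = '/';                  /* skips empty and "." components */
      memcpy(w, p, n);
      w += n;
    }
    p = q < end ? q + 1 : q;
  }
  *w++ = '/';                      /* output fits: at most len + 2 bytes */
  *w = '\0';
  for (size_t i = 0; i < sizeof trusted / sizeof trusted[0]; i++)
    if (strncmp(buf, trusted[i], strlen(trusted[i])) == 0)
      res = 1;
  if (buf != stackbuf) free(buf);
  return res;
}

/* Hypothetical caller: NULL = allocation failure, "" = path rejected. */
const char *substitute(const char *path)
{
  int r = is_trusted_path(path, strlen(path));
  return r < 0 ? NULL : r == 1 ? path : "";
}
```

A caller written as `if (is_trusted_path(...))` would accept the -1 result as trusted, which is why `substitute` checks `r < 0` before anything else.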