From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id CC2E33857721 for ; Mon, 15 May 2023 18:35:40 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org CC2E33857721 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1684175740; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=FW1xHWhRK1EjmAzT7ILuh6U8pJwNwF2ORoEm+GQQ//k=; b=C4koythhhOiS3CmFodVRGj/S6CN0Ap1kGQ0jZxbW/hpOulPmmAcgJLZ+qDqG7ydjV80J5C gxuImsCC9GHlfH2eyOHf/iSQW7ydv2ytvt+1VhQ8B5WFBHtewZwqTA+O3u85abPxVjvuhH UUMwiF8bySIgtoVvEC31LRDB4Mp3v/A= Received: from mail-yw1-f198.google.com (mail-yw1-f198.google.com [209.85.128.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-657-TEYqVZPxMqSi5Ci1gqAM4Q-1; Mon, 15 May 2023 14:35:38 -0400 X-MC-Unique: TEYqVZPxMqSi5Ci1gqAM4Q-1 Received: by mail-yw1-f198.google.com with SMTP id 00721157ae682-559fb5bed89so142715567b3.0 for ; Mon, 15 May 2023 11:35:38 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1684175738; x=1686767738; h=content-transfer-encoding:in-reply-to:organization:from:references :to:content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=FW1xHWhRK1EjmAzT7ILuh6U8pJwNwF2ORoEm+GQQ//k=; b=XIKMYt+Zk+8iJqfoejM6O6XJcDNTN6UUgUoJM1kCxd8cM5MAb4y65h8q5Qkou+au2y MiQ0oWcBxW25Aptj2hFPnFDOv7qqzJLbiBv8NHybC3fuB69fztneSU7m5WCeFrzFJhNu qAG5KwcwWRfaLeGD3zYvLGsPxo/1FFz1ySV/3PBwgtSIdymfTwcq2lRo6Cf7j2pSzDe4 ptjZ6L4onNhz4VpSFHPTQczPMvHkVpYGtQpoTgv9rBqxUPdxfmBRIEqK9z2thrcSSWEp j70MLfpJ5VTTBVfFO8jV1S5/7ksCNeaatq++dgwhMtHIcl7OWkOZdqoMh0PuBuR1QYur lf0Q== X-Gm-Message-State: AC+VfDxKYasonyCcfVsndB3VWO/BNJvuZDNpXiTuSVIFIJwqUtOkBhaF rjUWjy0/4FzDI1jM1+vEgNsPXWTZUHOhMU/m4ZmIKiXpD6GNIuM6TrxOfcOm1nYuvT+W9ZY9H5x /MfSmrLn/so6xPIsyaUiRv5PsCizd X-Received: by 2002:a0d:c604:0:b0:55a:8226:6192 with SMTP id i4-20020a0dc604000000b0055a82266192mr29437108ywd.7.1684175738034; Mon, 15 May 2023 11:35:38 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ65hCWf9n6B1a75AIpj7HUWOiKWCjqAXkBeJ2SOrgjnZzR/2cqOpB0BTnHPUcbDY3GDK32R0g== X-Received: by 2002:a0d:c604:0:b0:55a:8226:6192 with SMTP id i4-20020a0dc604000000b0055a82266192mr29437101ywd.7.1684175737775; Mon, 15 May 2023 11:35:37 -0700 (PDT) Received: from [192.168.0.241] ([198.48.244.52]) by smtp.gmail.com with ESMTPSA id d63-20020a814f42000000b00545cb6adc16sm6364ywb.6.2023.05.15.11.35.37 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 15 May 2023 11:35:37 -0700 (PDT) Message-ID: <35611aa1-595d-4158-9fea-672eafcde388@redhat.com> Date: Mon, 15 May 2023 14:35:36 -0400 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 Subject: Re: [PATCH v2] vfprintf-internal: Replace alloca with malloc. To: Joe Simmons-Talbott , libc-alpha@sourceware.org References: <20230510153230.2207571-1-josimmon@redhat.com> From: Carlos O'Donell Organization: Red Hat In-Reply-To: <20230510153230.2207571-1-josimmon@redhat.com> X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-14.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_NONE,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 5/10/23 11:32, Joe Simmons-Talbott via Libc-alpha wrote: > Avoid potential stack overflow from unbounded alloca. This fails to apply in pre-commit CI e.g. error: corrupt patch at line 145 How did you generate this patch? > --- > Changes to v1: > * Don't check pointer before calling free() > * Move deallocation code after the all_done label > > stdio-common/vfprintf-internal.c | 10 +++++++++- > 1 file changed, 9 insertions(+), 1 deletion(-) > > diff --git a/stdio-common/vfprintf-internal.c b/stdio-common/vfprintf-internal.c > index c76c06e49b..58c21481ce 100644 > --- a/stdio-common/vfprintf-internal.c > +++ b/stdio-common/vfprintf-internal.c > @@ -1001,6 +1001,7 @@ printf_positional (struct Xprintf_buffer * buf, const CHAR_T *format, > scratch_buffer_init (&specsbuf); > struct printf_spec *specs = specsbuf.data; > size_t specs_limit = specsbuf.length / sizeof (specs[0]); > + bool malloced_pa_user = false; > > /* Used as a backing store for args_value, args_size, args_type > below. */ > @@ -1171,7 +1172,10 @@ printf_positional (struct Xprintf_buffer * buf, const CHAR_T *format, > else if (__glibc_unlikely (__printf_va_arg_table != NULL) > && __printf_va_arg_table[args_type[cnt] - PA_LAST] != NULL) > { > - args_value[cnt].pa_user = alloca (args_size[cnt]); > + args_value[cnt].pa_user = malloc (args_size[cnt]); > + if (args_value[cnt].pa_user == NULL) > + break; > + malloced_pa_user = true; > (*__printf_va_arg_table[args_type[cnt] - PA_LAST]) > (args_value[cnt].pa_user, ap_savep); > } > @@ -1334,7 +1338,11 @@ printf_positional (struct Xprintf_buffer * buf, const CHAR_T *format, > (specs[nspecs_done].next_fmt > - specs[nspecs_done].end_of_fmt)); > } > all_done: > + if (malloced_pa_user) > + for (cnt = 0; cnt < nargs; ++cnt) > + free (args_value[cnt].pa_user); > scratch_buffer_free (&argsbuf); > scratch_buffer_free (&specsbuf); > } -- Cheers, Carlos.