From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from serval.cherry.relay.mailchannels.net (serval.cherry.relay.mailchannels.net [23.83.223.163]) by sourceware.org (Postfix) with ESMTPS id F1E83385842A for ; Wed, 22 Nov 2023 13:24:55 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org F1E83385842A Authentication-Results: sourceware.org; dmarc=fail (p=none dis=none) header.from=sourceware.org Authentication-Results: sourceware.org; spf=fail smtp.mailfrom=sourceware.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org F1E83385842A Authentication-Results: server2.sourceware.org; arc=pass smtp.remote-ip=23.83.223.163 ARC-Seal: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1700659498; cv=pass; b=BIFYA1r31eRmo5uTXXhgdwatSW5fBhJO8+V5n0VZRJ/I2uxLWyN3QRiGfBE3pRBTugjUFrKSqaezvHZA3lI6PLXrTHNmzAkC0MGFOtiEhZ61f1inClw44J0IMcAht1Q3HLR5OW+gM8ar4BdsZAZdWib0PFgB7PbRa4nnrh3fZ8Y= ARC-Message-Signature: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1700659498; c=relaxed/simple; bh=wcJzPrQGAKUGzl4bJe6EpAwntdPv9DGqKHrBnfk4JyU=; h=Message-ID:Date:MIME-Version:Subject:To:From; b=L+HY0IRdbUzosJ/5B+cx9WZjLyN2L115/RnVoKzqmpxUwwi7c1J1aqxD7SsL4DUoOPBK4xatXaY8WX5Ravedzdq2JMNMVoxKH3pUm7TN8iSr/fn6hfgS9mCWcbljqdsPiPDzQdEpaOyoGOxIy7deID6HfpkbdGg8tcaMuIjR3iI= ARC-Authentication-Results: i=2; server2.sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 14641542EEA; Wed, 22 Nov 2023 13:24:55 +0000 (UTC) Received: from pdx1-sub0-mail-a240.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id B23E0542ED6; Wed, 22 Nov 2023 13:24:54 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1700659494; a=rsa-sha256; cv=none; b=ZeS9arC3PnAoPmSFjie519sb3ESDdfjaqVeMRLlYw9nzi6bIu10//v1P9Oz+USIMK1ooXZ G06MEyKEjO/BJsW0igQTHPyUCl1+fzieeA1xdAbn9jDa0u1mulstwdTRNSnb8hQwRS7Jao HhcHrWns9tEDdENR8agPB1Yt2NP6m/rrYeeRnnM+isy3tAprwQbykJlZJxvEPUIUoCwLRg QWkjfnds7roYbWPIXwGpT4NvE8Glu4SvfK04h8QxcTUnB1xI5xKQf7KoMdj9nTXEBtUu3T Kdcq/XDLpVm10k/g7kEkIyf8TGH5c8XdVKU1tFT7YvrotJDSNXlKclRLythdFA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1700659494; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=7X1eWsYMiaVmzcXqPyaUlmodgCmQhVg/aP4ytLGClm4=; b=kXr7ccxSpemZ5ksouWwPSGNrY8vWH+C6lt5lhC/SOeAe+WeDanktGtV7TLezw2AGwFg4Ap FNmmeruKmVeoqrdGkIal66czHGCwYQUygGUo0+4N/8j1rZ2vebS5RgdZX6yR6MmvDa7cRU 7rikPobmHII+/T1pMlFDldlAcGRO/i7B7//0/ou1jYvqi8lw1LkrlEwAap5IEiCLYZUTLr 3GZcKstdNR2rEbdtIg1rHXnLFihq36d+6iujmWi9QV0l4A7OAy9w7AFg+xFrpo8mwMYSdV zRY4FK6yMLM5PQhAjsVrBpSczP5dZCMczhrgQnLep74Ut5BVDYlb5FieeWPMqg== ARC-Authentication-Results: i=1; rspamd-5f5ccc4f7-jc9p5; auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Bitter-Attack: 293173b827e92c19_1700659494862_1471557880 X-MC-Loop-Signature: 1700659494862:1363463530 X-MC-Ingress-Time: 1700659494862 Received: from pdx1-sub0-mail-a240.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.117.123.8 (trex/6.9.2); Wed, 22 Nov 2023 13:24:54 +0000 Received: from [192.168.2.12] (bras-vprn-toroon4834w-lp130-02-142-113-138-136.dsl.bell.ca [142.113.138.136]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a240.dreamhost.com (Postfix) with ESMTPSA id 4Sb26G2xG8zJt; Wed, 22 Nov 2023 05:24:54 -0800 (PST) Message-ID: <43f76c67-57f2-4107-95f0-524e91c9ea7b@sourceware.org> Date: Wed, 22 Nov 2023 08:24:53 -0500 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v3 11/19] elf: Do not duplicate the GLIBC_TUNABLES string Content-Language: en-US To: Adhemerval Zanella Netto , libc-alpha@sourceware.org References: <20231106202552.3404059-1-adhemerval.zanella@linaro.org> <20231106202552.3404059-12-adhemerval.zanella@linaro.org> <0be5babe-a123-47af-98e1-abab4d1c7fd2@sourceware.org> <7692cb6a-0832-403c-b704-b4f143b21e12@sourceware.org> <2d25f3e5-6433-4c42-a4e1-eb80b973d21a@linaro.org> From: Siddhesh Poyarekar In-Reply-To: <2d25f3e5-6433-4c42-a4e1-eb80b973d21a@linaro.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1164.6 required=5.0 tests=BAYES_00,BODY_8BITS,KAM_DMARC_NONE,KAM_DMARC_STATUS,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_SOFTFAIL,TXREP,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 2023-11-22 08:03, Adhemerval Zanella Netto wrote: > > > On 22/11/23 09:23, Siddhesh Poyarekar wrote: >> On 2023-11-21 13:12, Adhemerval Zanella Netto wrote: >>>>> -tunable_initialize (tunable_t *cur, const char *strval) >>>>> +tunable_initialize (tunable_t *cur, const char *strval, size_t len) >>>>>    { >>>>> -  tunable_val_t val; >>>>> +  tunable_val_t val = { 0 }; >>>>>        if (cur->type.type_code != TUNABLE_TYPE_STRING) >>>>>        val.numval = (tunable_num_t) _dl_strtoul (strval, NULL); >>>> >>>> There's an implicit assumption that strval is NULL terminated for numeric values.  Is that safe?  Maybe all you need to do here is copy strval into a static buffer of size 21 (basically size of the string representing -1ULL) and pass that to _dl_strtoul. >>> >>> Afaiu the environment variable will always be NULL terminated (although some >>> might overlap).  This is due how the kernel will layout the argv/envp on >>> process creation at sys_execve: >> >> Sure, but the strval here should not be the entire envvar, just the value portion of it.  Granted that _dl_strtoul will bail out on the first non-numeric character, so maybe it's not > > For the GLIBC_TUNABLES itself, parse_tunables will pass the correct length > for each tunable. For the alias case, get_next_env will pass the value > length (which I fixed on v4 btw). So I think there is no need to copy the > value on a temporary value, parsing can be done in-place since kernel ensures > the string will be null-terminated. Yes, but the length is not passed into _dl_strtoul, which will then parse until it finds a non-numeric character. That's probably not an issue for a properly validated tunable string (and your patch to bail out in case of invalid tunable strings ensures that), but at the minimum there should be a comment stating that assumption for future you, or me. Thanks, Sid