From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-alpha-return-66857-listarch-libc-alpha=sources.redhat.com@sourceware.org>
Received: (qmail 92294 invoked by alias); 1 Feb 2016 17:18:43 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: libc-alpha-owner@sourceware.org
Received: (qmail 92277 invoked by uid 89); 1 Feb 2016 17:18:42 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 spammy=
X-HELO: mail-yk0-f169.google.com
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:subject:to:references:cc:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-type
         :content-transfer-encoding;
        bh=eAirZhf6luHSeevxuQ5W1e+jHerMzptR/pZ6Q0GZ3EU=;
        b=Wc4r3GZ5/PdLWPWM74GUBEcuejx00cB+WQ7NTIgzrdjBLmAd11iRnKJn3iEgfJCK7P
         0/G41erUSMc4qedjtHQKfB8m0AxDu0KzNXgYatWOa3ajkZm765Aa5HKWxA4KKUd6el3I
         lznW6yc64Cp29ekCsKzWCaSrWs+8rzmwTlf5ycTE4swQAOvhRkwTZTAUWtbbjOrQcb2i
         Zvom7oNwLE/E63RZa1s9Be68xERWn1k4eYu4yKjHYG/mqk8EwB00LN7wzLX/qVghBHXW
         R1iA0wx75MvFjjlWg8Ie6JWqOrVmtLgsDfTNUunsFlaChp1gRgLXjy8npMq3ev3Yd70E
         Q4LQ==
X-Gm-Message-State: AG10YOTpTXIAsg+MOLJdmYORML56avSrZk/FFHkJ+pworVrMAv9RuXkatmUM9YQCgwgHNyWW
X-Received: by 10.13.203.216 with SMTP id n207mr11865917ywd.204.1454347119974;
        Mon, 01 Feb 2016 09:18:39 -0800 (PST)
Subject: Re: [PATCH v2 1/3] posix: Remove dynamic memory allocation from
 execl{e,p}
To: Joseph Myers <joseph@codesourcery.com>
References: <1454343665-1706-1-git-send-email-adhemerval.zanella@linaro.org>
 <1454343665-1706-2-git-send-email-adhemerval.zanella@linaro.org>
 <alpine.DEB.2.10.1602011648030.2674@digraph.polyomino.org.uk>
Cc: libc-alpha@sourceware.org
From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Message-ID: <56AF936C.6070907@linaro.org>
Date: Mon, 01 Feb 2016 17:18:00 -0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <alpine.DEB.2.10.1602011648030.2674@digraph.polyomino.org.uk>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
X-SW-Source: 2016-02/txt/msg00028.txt.bz2



On 01-02-2016 14:52, Joseph Myers wrote:
> On Mon, 1 Feb 2016, Adhemerval Zanella wrote:
> 
>> +  char *argv[argc+1];
>> +  va_start (ap, arg);
>> +  argv[0] = (char*) arg;
>> +  for (i = 1; i < argc; i++)
>> +     argv[i] = va_arg (ap, char *);
>> +  argv[i] = NULL;
> 
> I don't see how you're ensuring this stack allocation is safe (i.e. if 
> it's too big, it doesn't corrupt memory that's in use by other threads).  
> Can't it jump beyond any guard page and start overwriting other memory, 
> possibly in use by another thread, before reaching unmapped memory?  I'd 
> expect safe large stack allocations (as with -fstack-check) to need to 
> touch the pages in the right order (and doing that safely probably means 
> using -fstack-check).
> 

Right, it is not ensuring the safeness. Is '-fstack-check' the suffice 
option to ensure it or do we need a more strict one?