From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-il1-x130.google.com (mail-il1-x130.google.com [IPv6:2607:f8b0:4864:20::130]) by sourceware.org (Postfix) with ESMTPS id B32FD3858D3C for ; Sun, 16 Jan 2022 00:21:20 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org B32FD3858D3C Received: by mail-il1-x130.google.com with SMTP id x10so5031670ilq.7 for ; Sat, 15 Jan 2022 16:21:20 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:from :subject:to:content-language; bh=0ocRj57LDd2FJE11kJzO0mwqkxpv7xPYmFGMkDYsLq4=; b=62lnuspnK/TAKIor6AyMLjFK/WVFvx11RTPeIayJcyZUcK0myx5PSCVJbP3jkoclRC lbmTloO/IH4R5pKTfBmVAk6Dowpjze9DT/TDz2cRW6ME4E3ARVD1Yqn6l9+GwW6vxmXN dlty10Av6WjDA6Lkbei+Y8o7KgDpWg1D723+KIVX4ngXOVaBuYzpzvA6xWhpsFsIycPd UzqLtznxMitwW6Gi2OHiDi5l6sXsSSY2WDF2X8J7X2p9RgfSQuGODZlNIz/szYkt0Pah Ydle8qQY7F1f2z0uMwvKOgQrMfiWLHdvbTDksXnhjgXF/yNTXph/JxR1sQE/V49IiWlB JXvw== X-Gm-Message-State: AOAM531mcEKTelth3l5vScWSJ8HNFn0GaGvZT+jszR+pgJcNx6C6HpT6 bJyEei8OIBIMTp2Luo/WjeMn8Oo4ZLM= X-Google-Smtp-Source: ABdhPJy4TlfD8XbvDT6icGU7QM8Usx9LLpEV/FaVwH5z5gm6fnJdVmJ4LEEs6mo6en39k5zz+uJc5A== X-Received: by 2002:a05:6e02:20e6:: with SMTP id q6mr7739891ilv.301.1642292479996; Sat, 15 Jan 2022 16:21:19 -0800 (PST) Received: from [192.168.0.41] (97-118-100-142.hlrn.qwest.net. [97.118.100.142]) by smtp.gmail.com with ESMTPSA id o25sm5696226ioa.41.2022.01.15.16.21.19 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 15 Jan 2022 16:21:19 -0800 (PST) Content-Type: multipart/mixed; boundary="------------QuBS919W0EoLp1zS9qETLw4i" Message-ID: Date: Sat, 15 Jan 2022 17:21:19 -0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.4.0 From: Martin Sebor Subject: [PATCH] avoid -Wuse-after-free [BZ #26779] To: libc-alpha@sourceware.org Content-Language: en-US X-Spam-Status: No, score=-10.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Jan 2022 00:21:22 -0000 This is a multi-part message in MIME format. --------------QuBS919W0EoLp1zS9qETLw4i Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit GCC 12 features a couple of new warnings designed to detect uses of pointers made invalid by the pointees lifetimes having ended. Building Glibc with the enhanced GCC exposes a few such uses, mostly after successful calls to realloc. The attached patch avoids the new warnings by converting the pointers to uintptr_t first and using the converted integers instead. The patch suppresses all instances of the warning at the strictest setting (-Wuse-after-free=3), which includes even uses in equality expressions. The default setting approved for GCC 12 is -Wuse-after-free=2, which doesn't warn on such uses to accommodate the pointer-adjustment-after-realloc idiom. At the default setting, the changes to ldconfig.c and setenv are not necessary. Martin --------------QuBS919W0EoLp1zS9qETLw4i Content-Type: text/x-patch; charset=UTF-8; name="glibc-26779.diff" Content-Disposition: attachment; filename="glibc-26779.diff" Content-Transfer-Encoding: base64 ZGlmZiAtLWdpdCBhL2VsZi9sZGNvbmZpZy5jIGIvZWxmL2xkY29uZmlnLmMKaW5kZXggZDE0 NjMzZjVlYy4uNTdiYjk1ZWJjMyAxMDA2NDQKLS0tIGEvZWxmL2xkY29uZmlnLmMKKysrIGIv ZWxmL2xkY29uZmlnLmMKQEAgLTczNSw5ICs3MzUsOSBAQCBtYW51YWxfbGluayAoY2hhciAq bGlicmFyeSkKICAgY3JlYXRlX2xpbmtzIChyZWFsX3BhdGgsIHBhdGgsIGxpYm5hbWUsIHNv bmFtZSk7CiAgIGZyZWUgKHNvbmFtZSk7CiBvdXQ6Ci0gIGZyZWUgKHBhdGgpOwogICBpZiAo cGF0aCAhPSByZWFsX3BhdGgpCiAgICAgZnJlZSAocmVhbF9wYXRoKTsKKyAgZnJlZSAocGF0 aCk7CiB9CiAKIApkaWZmIC0tZ2l0IGEvaW50bC9sb2NhbGVhbGlhcy5jIGIvaW50bC9sb2Nh bGVhbGlhcy5jCmluZGV4IDNhZTM2MGY0MGQuLmU1ODFlZTQzNDYgMTAwNjQ0Ci0tLSBhL2lu dGwvbG9jYWxlYWxpYXMuYworKysgYi9pbnRsL2xvY2FsZWFsaWFzLmMKQEAgLTMxOCw3ICsz MTgsOSBAQCByZWFkX2FsaWFzX2ZpbGUgKGNvbnN0IGNoYXIgKmZuYW1lLCBpbnQgZm5hbWVf bGVuKQogCiAJCSAgaWYgKHN0cmluZ19zcGFjZV9hY3QgKyBhbGlhc19sZW4gKyB2YWx1ZV9s ZW4gPiBzdHJpbmdfc3BhY2VfbWF4KQogCQkgICAgewotCQkgICAgICAvKiBJbmNyZWFzZSBz aXplIG9mIG1lbW9yeSBwb29sLiAgKi8KKwkJICAgICAgLyogSW5jcmVhc2Ugc2l6ZSBvZiBt ZW1vcnkgcG9vbC4gIEF2b2lkIHVzaW5nIHRoZSByYXcKKwkJCSByZWFsbG9jYXRlZCBwb2lu dGVyIHRvIGF2b2lkIEdDQyAtV3VzZS1hZnRlci1mcmVlLiAgKi8KKwkJICAgICAgaW50cHRy X3QgaXBfc3RyaW5nX3NwYWNlID0gKGludHB0cl90KXN0cmluZ19zcGFjZTsKIAkJICAgICAg c2l6ZV90IG5ld19zaXplID0gKHN0cmluZ19zcGFjZV9tYXgKIAkJCQkJICsgKGFsaWFzX2xl biArIHZhbHVlX2xlbiA+IDEwMjQKIAkJCQkJICAgID8gYWxpYXNfbGVuICsgdmFsdWVfbGVu IDogMTAyNCkpOwpAQCAtMzI2LDE0ICszMjgsMTYgQEAgcmVhZF9hbGlhc19maWxlIChjb25z dCBjaGFyICpmbmFtZSwgaW50IGZuYW1lX2xlbikKIAkJICAgICAgaWYgKG5ld19wb29sID09 IE5VTEwpCiAJCQlnb3RvIG91dDsKIAotCQkgICAgICBpZiAoX19idWlsdGluX2V4cGVjdCAo c3RyaW5nX3NwYWNlICE9IG5ld19wb29sLCAwKSkKKwkJICAgICAgaW50cHRyX3QgaXBfbmV3 X3Bvb2wgPSAoaW50cHRyX3QpbmV3X3Bvb2w7CisJCSAgICAgIGludHB0cl90IHB0cl9kaWZm ID0gaXBfbmV3X3Bvb2wgLSBpcF9zdHJpbmdfc3BhY2U7CisJCSAgICAgIGlmIChfX2J1aWx0 aW5fZXhwZWN0IChwdHJfZGlmZiA9PSAwLCAwKSkKIAkJCXsKIAkJCSAgc2l6ZV90IGk7CiAK IAkJCSAgZm9yIChpID0gMDsgaSA8IG5tYXA7IGkrKykKIAkJCSAgICB7Ci0JCQkgICAgICBt YXBbaV0uYWxpYXMgKz0gbmV3X3Bvb2wgLSBzdHJpbmdfc3BhY2U7Ci0JCQkgICAgICBtYXBb aV0udmFsdWUgKz0gbmV3X3Bvb2wgLSBzdHJpbmdfc3BhY2U7CisJCQkgICAgICBtYXBbaV0u YWxpYXMgKz0gcHRyX2RpZmY7CisJCQkgICAgICBtYXBbaV0udmFsdWUgKz0gcHRyX2RpZmY7 CiAJCQkgICAgfQogCQkJfQogCmRpZmYgLS1naXQgYS9pby9mdHcuYyBiL2lvL2Z0dy5jCmlu ZGV4IDI3NDI1NDFmMzYuLjA4Y2NiZGQ1MjMgMTAwNjQ0Ci0tLSBhL2lvL2Z0dy5jCisrKyBi L2lvL2Z0dy5jCkBAIC0zMjMsOCArMzIzLDggQEAgb3Blbl9kaXJfc3RyZWFtIChpbnQgKmRm ZHAsIHN0cnVjdCBmdHdfZGF0YSAqZGF0YSwgc3RydWN0IGRpcl9kYXRhICpkaXJwKQogCSAg YnVmW2FjdHNpemUrK10gPSAnXDAnOwogCiAJICAvKiBTaHJpbmsgdGhlIGJ1ZmZlciB0byB3 aGF0IHdlIGFjdHVhbGx5IG5lZWQuICAqLwotCSAgZGF0YS0+ZGlyc3RyZWFtc1tkYXRhLT5h Y3RkaXJdLT5jb250ZW50ID0gcmVhbGxvYyAoYnVmLCBhY3RzaXplKTsKLQkgIGlmIChkYXRh LT5kaXJzdHJlYW1zW2RhdGEtPmFjdGRpcl0tPmNvbnRlbnQgPT0gTlVMTCkKKwkgIHZvaWQg KmNvbnRlbnQgPSByZWFsbG9jIChidWYsIGFjdHNpemUpOworCSAgaWYgKGNvbnRlbnQgPT0g TlVMTCkKIAkgICAgewogCSAgICAgIGludCBzYXZlX2VyciA9IGVycm5vOwogCSAgICAgIGZy ZWUgKGJ1Zik7CkBAIC0zMzgsNiArMzM4LDcgQEAgb3Blbl9kaXJfc3RyZWFtIChpbnQgKmRm ZHAsIHN0cnVjdCBmdHdfZGF0YSAqZGF0YSwgc3RydWN0IGRpcl9kYXRhICpkaXJwKQogCSAg ICAgIGRhdGEtPmRpcnN0cmVhbXNbZGF0YS0+YWN0ZGlyXS0+c3RyZWFtZmQgPSAtMTsKIAkg ICAgICBkYXRhLT5kaXJzdHJlYW1zW2RhdGEtPmFjdGRpcl0gPSBOVUxMOwogCSAgICB9CisJ ICBkYXRhLT5kaXJzdHJlYW1zW2RhdGEtPmFjdGRpcl0tPmNvbnRlbnQgPSBjb250ZW50Owog CX0KICAgICB9CiAKZGlmZiAtLWdpdCBhL3N0ZGxpYi9zZXRlbnYuYyBiL3N0ZGxpYi9zZXRl bnYuYwppbmRleCBjM2QyY2VlN2I2Li4yMTc2Y2JhYzMxIDEwMDY0NAotLS0gYS9zdGRsaWIv c2V0ZW52LmMKKysrIGIvc3RkbGliL3NldGVudi5jCkBAIC0xNTAsNyArMTUwLDkgQEAgX19h ZGRfdG9fZW52aXJvbiAoY29uc3QgY2hhciAqbmFtZSwgY29uc3QgY2hhciAqdmFsdWUsIGNv bnN0IGNoYXIgKmNvbWJpbmVkLAogICAgIHsKICAgICAgIGNoYXIgKipuZXdfZW52aXJvbjsK IAotICAgICAgLyogV2UgYWxsb2NhdGVkIHRoaXMgc3BhY2U7IHdlIGNhbiBleHRlbmQgaXQu ICAqLworICAgICAgLyogV2UgYWxsb2NhdGVkIHRoaXMgc3BhY2U7IHdlIGNhbiBleHRlbmQg aXQuICBBdm9pZCB1c2luZyB0aGUgcmF3CisJIHJlYWxsb2NhdGVkIHBvaW50ZXIgdG8gYXZv aWQgR0NDIC1XdXNlLWFmdGVyLWZyZWUuICAqLworICAgICAgdWludHB0cl90IGlwX2xhc3Rf ZW52aXJvbiA9ICh1aW50cHRyX3QpbGFzdF9lbnZpcm9uOwogICAgICAgbmV3X2Vudmlyb24g PSAoY2hhciAqKikgcmVhbGxvYyAobGFzdF9lbnZpcm9uLAogCQkJCSAgICAgICAoc2l6ZSAr IDIpICogc2l6ZW9mIChjaGFyICopKTsKICAgICAgIGlmIChuZXdfZW52aXJvbiA9PSBOVUxM KQpAQCAtMTU5LDcgKzE2MSw3IEBAIF9fYWRkX3RvX2Vudmlyb24gKGNvbnN0IGNoYXIgKm5h bWUsIGNvbnN0IGNoYXIgKnZhbHVlLCBjb25zdCBjaGFyICpjb21iaW5lZCwKIAkgIHJldHVy biAtMTsKIAl9CiAKLSAgICAgIGlmIChfX2Vudmlyb24gIT0gbGFzdF9lbnZpcm9uKQorICAg ICAgaWYgKCh1aW50cHRyX3QpX19lbnZpcm9uICE9IGlwX2xhc3RfZW52aXJvbikKIAltZW1j cHkgKChjaGFyICopIG5ld19lbnZpcm9uLCAoY2hhciAqKSBfX2Vudmlyb24sCiAJCXNpemUg KiBzaXplb2YgKGNoYXIgKikpOwogCg== --------------QuBS919W0EoLp1zS9qETLw4i--