From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-alpha-return-91490-listarch-libc-alpha=sources.redhat.com@sourceware.org>
Received: (qmail 39788 invoked by alias); 10 Apr 2018 08:08:53 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: libc-alpha-owner@sourceware.org
Received: (qmail 38710 invoked by uid 89); 10 Apr 2018 08:08:53 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=0.8 required=5.0 tests=BAYES_50,SPF_PASS autolearn=ham version=3.3.2 spammy=schwab, 0EEA, schwab@suse.de, e4d4
X-HELO: mx2.suse.de
From: Andreas Schwab <schwab@suse.de>
To: Paul Pluzhnikov <ppluzhnikov@google.com>
Cc: GLIBC Devel <libc-alpha@sourceware.org>
Subject: Re: [patch] Fix path length overflow in realpath (BZ#22786)
References: <CALoOobOyeu6SM7DGPRqmHE6Y7BckFGmEFGeeFKDKjskL4EJDuA@mail.gmail.com>
	<CALoOobMWCHXYh-3rDeSfHauaOtpMmVMpv_obPA8Dk9ubTvfK=Q@mail.gmail.com>
X-Yow: WHOA!!  Ken and Barbie are having TOO MUCH FUN!!  It must
 be the NEGATIVE IONS!!
Date: Tue, 10 Apr 2018 08:08:00 -0000
In-Reply-To: <CALoOobMWCHXYh-3rDeSfHauaOtpMmVMpv_obPA8Dk9ubTvfK=Q@mail.gmail.com>
	(Paul Pluzhnikov's message of "Tue, 10 Apr 2018 00:25:21 +0000")
Message-ID: <mvm37037ab2.fsf@suse.de>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-SW-Source: 2018-04/txt/msg00185.txt.bz2

On Apr 10 2018, Paul Pluzhnikov <ppluzhnikov@google.com> wrote:

> +  const size_t path_len = (size_t) INT_MAX + 1;
> +  char *path = malloc (path_len);
> +
> +  if (path == NULL)
> +    {
> +      printf ("malloc (%zu): %m\n", path_len);
> +      return EXIT_FAILURE;
> +    }

Trying to allocate a block of INT_MAX+1 is rather likely to fail on a
32-bit platform.

Andreas.

-- 
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."