From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-hacker-return-8972-listarch-libc-hacker=sources.redhat.com@sourceware.org>
Received: (qmail 30134 invoked by alias); 12 May 2006 15:42:03 -0000
Received: (qmail 30113 invoked by uid 22791); 12 May 2006 15:42:01 -0000
X-Spam-Check-By: sourceware.org
Received: from sunsite.ms.mff.cuni.cz (HELO sunsite.mff.cuni.cz) (195.113.15.26)
    by sourceware.org (qpsmtpd/0.31) with ESMTP; Fri, 12 May 2006 15:41:56 +0000
Received: from sunsite.mff.cuni.cz (sunsite.mff.cuni.cz [127.0.0.1])
	by sunsite.mff.cuni.cz (8.13.1/8.13.1) with ESMTP id k4CFfpYq008831;
	Fri, 12 May 2006 17:41:51 +0200
Received: (from jj@localhost)
	by sunsite.mff.cuni.cz (8.13.1/8.13.1/Submit) id k4CFfp8U008829;
	Fri, 12 May 2006 17:41:51 +0200
Date: Fri, 12 May 2006 15:42:00 -0000
From: Jakub Jelinek <jakub@redhat.com>
To: Ulrich Drepper <drepper@redhat.com>
Cc: Glibc hackers <libc-hacker@sources.redhat.com>
Subject: [PATCH] Pass cpusetsize rather than sizeof (cpu_set_t) in sched_getaffinity
Message-ID: <20060512154150.GN4651@sunsite.mff.cuni.cz>
Reply-To: Jakub Jelinek <jakub@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.1i
Mailing-List: contact libc-hacker-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Subscribe: <mailto:libc-hacker-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-hacker/>
List-Post: <mailto:libc-hacker@sourceware.org>
List-Help: <mailto:libc-hacker-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: libc-hacker-owner@sourceware.org
X-SW-Source: 2006-05/txt/msg00014.txt.bz2

Hi!

If sched_getaffinity is called with cpusetsize smaller than sizeof
(cpu_set_t) (people shouldn't do that but they reportably do that),
sched_getaffinity may segfault (calling memset with > 2GB size).
Also, if ever is kernel configured for 1025+ CPUs, sched_getaffinity
would always fail even if the user passed buffer big enough
(as it would still call the syscall with 128 and just bzero the rest).

The following matches what pthread_getaffinity_np is doing.

2006-05-12  Jakub Jelinek  <jakub@redhat.com>

	* sysdeps/unix/sysv/linux/sched_getaffinity.c: Include sys/param.h.
	(__sched_getaffinity_new): Don't crash if cpusetsize is smaller than
	sizeof (cpu_set_t).

--- libc/sysdeps/unix/sysv/linux/sched_getaffinity.c.jj	2005-12-19 08:43:50.000000000 +0100
+++ libc/sysdeps/unix/sysv/linux/sched_getaffinity.c	2006-05-12 17:34:33.000000000 +0200
@@ -1,4 +1,4 @@
-/* Copyright (C) 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
+/* Copyright (C) 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -20,6 +20,7 @@
 #include <sched.h>
 #include <string.h>
 #include <sysdep.h>
+#include <sys/param.h>
 #include <sys/types.h>
 #include <shlib-compat.h>
 
@@ -28,8 +29,8 @@
 int
 __sched_getaffinity_new (pid_t pid, size_t cpusetsize, cpu_set_t *cpuset)
 {
-  int res = INLINE_SYSCALL (sched_getaffinity, 3, pid, sizeof (cpu_set_t),
-			    cpuset);
+  int res = INLINE_SYSCALL (sched_getaffinity, 3, pid,
+			    MIN (INT_MAX, cpusetsize), cpuset);
   if (res != -1)
     {
       /* Clean the rest of the memory the kernel didn't do.  */

	Jakub