niansa-misc/glibc
1
0
Fork 0
mirror of git://sourceware.org/git/glibc.git synced 2025-03-06 20:58:33 +01:00
Code Issues Projects Releases Packages Wiki Activity
glibc/libio/tst-asprintf-null.c
Florian Weimer cb4692ce1e libio: asprintf should write NULL upon failure 
This was suggested most recently by Solar Designer, noting
that code replacing vsprintf with vasprintf in a security fix
was subtly wrong:

  Re: GStreamer Security Advisory 2024-0003: Orc compiler
  stack-based buffer overflow
  <https://www.openwall.com/lists/oss-security/2024/07/26/2>

Previous libc-alpha discussions:

  I: [PATCH] asprintf error handling fix
  <https://inbox.sourceware.org/libc-alpha/20011205185828.GA8376@ldv.office.alt-linux.org/>

  asprintf() issue
  <https://inbox.sourceware.org/libc-alpha/CANSoFxt-cdc-+C4u-rTENMtY4X9RpRSuv+axDswSPxbDgag8_Q@mail.gmail.com/>

I don't think we need a compatibility symbol for this.  As the
GStreamer example shows, this change is much more likely to fix bugs
than cause compatibility issues.

Suggested-by: Dmitry V. Levin <ldv@altlinux.org>
Suggested-by: Archie Cobbs <archie.cobbs@gmail.com>
Suggested-by: Solar Designer <solar@openwall.com>
Reviewed-by: Sam James <sam@gentoo.org>
2024-12-27 09:18:21 +01:00

51 lines
1.7 KiB
C
Raw Blame History

/* Test that asprintf sets the buffer pointer to NULL on failure.
Copyright (C) 2024 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
#include <errno.h>
#include <stdio.h>
#include <support/check.h>
#include <sys/resource.h>
static int
do_test (void)
{
static const char sentinel[] = "sentinel";
char *buf = (char *) sentinel;
{
/* Avoid -Wformat-overflow warning. */
const char *volatile format = "%2000000000d %2000000000d";
TEST_COMPARE (asprintf (&buf, format, 1, 2), -1);
}
if (errno != ENOMEM)
TEST_COMPARE (errno, EOVERFLOW);
TEST_VERIFY (buf == NULL);
/* Force ENOMEM in the test below. */
struct rlimit rl;
TEST_COMPARE (getrlimit (RLIMIT_AS, &rl), 0);
rl.rlim_cur = 10 * 1024 * 1024;
TEST_COMPARE (setrlimit (RLIMIT_AS, &rl), 0);
buf = (char *) sentinel;
TEST_COMPARE (asprintf (&buf, "%20000000d", 1), -1);
TEST_COMPARE (errno, ENOMEM);
TEST_VERIFY (buf == NULL);
return 0;
}
#include <support/test-driver.c>
Reference in a new issue View git blame Copy permalink