Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20110927160646.GA23877@albatros>
Date: Tue, 27 Sep 2011 20:06:46 +0400
From: Vasiliy Kulikov <segoon@...nwall.com>
To: musl <musl@...ts.openwall.com>
Subject: musl bugs

Hi Rich,

getmntent_r():
- fgets() should be checked for too small buffer.
- Looks like fgets() may fail.  Then ferror() should be used together
  with feof().

getmntent():
- Is linebuf[256] big enough?  IMO as the buffer is not supplied by a
  user, it should be dynamically allocated.  Calling getmntent() and
  getting truncated result/ERANGE is somewhat not expected.

addmntent():
- Here fseek() can be easily checked for errors => return 1 in case of
  error.

hasmntopt():
- Implementation is wrong.  The argument is not a substring, but a
  single option, possibly with "=value".  Glibc's implementation is OK
  IMO.

prctl() and other places:
- Why no va_end()?  It is __builtin_va_end() sometimes, and AFAIU it is
  not a noop.

getgrgid() and getgrnam():
- errno is not saved while calling endgrent() (close() inside).  POSIX
  says close() may return EIO if I/O error happened during close() with
  RO fd, altering errno.

execvp():
- As the code chooses the first possible path in $PATH, the
  /usr/local/bin should be the last path.  POSIX says it should start
  with null path (current dir), but it is crazy.
- I don't see an overflow here (comment claims so)...

-- 
Vasiliy

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.