Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20180713213110.GD1392@brightrain.aerifal.cx>
Date: Fri, 13 Jul 2018 17:31:10 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: Possible oversight in setvbuf()

On Fri, Jul 13, 2018 at 04:40:52PM +0200, Markus Wichmann wrote:
> Hi all,
> 
> ungetc() seems to depend on f->buf pointing UNGET bytes into a valid
> array. fdopen() will provide such a thing. However, setvbuf() will set
> f->buf to the very start of the user provided buffer. Bizarrely, UNGET
> is deducted from the buffer size, but not added to the pointer.
> Oversight or intentional?

Definitely a bug -- thanks for catching this. I guess it's a good
thing that the release has been delayed for a while, so it won't be in
the wild except where musl git master is in use rather than a release.

One thing this highlights is that we could really use better testing
and security review process. I'll write and submit a test to libc-test
for this, but I'd really like if it we could find someone using musl
willing to sponsor continuous or periodic security reviews of changes
by a third party.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.