Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20190204143740.GA2054@ncase>
Date: Mon, 4 Feb 2019 15:37:40 +0100
From: Patrick Steinhardt <ps@....im>
To: musl@...ts.openwall.com
Subject: Re: freeaddrinfo(NULL) segfaults in v1.1.21

On Sun, Feb 03, 2019 at 01:13:35PM -0600, Bobby Bingham wrote:
> On Sun, Feb 03, 2019 at 07:02:38PM +0100, Patrick Steinhardt wrote:
> > As long as I didn't miss it, freeaddrinfo(3P) doesn't explicitly
> > say whether it needs to be called with a valid pointer, and sure
> > enough there's applications out there which aren't careful here.
> > One example I found is e.g. nfs-utils, where I hit segfaults in
> > different places after upgrading to musl v1.1.21.
> 
> In general, unless it is specified otherwise, it is undefined behavior
> to call functions accepting a pointer with an invalid or NULL pointer.
> 
> In this particular case, the spec[1] says:
> 
>   The freeaddrinfo() function shall free one or more addrinfo
>   structures returned by getaddrinfo(), along with any additional
>   storage associated with those structures.
> 
> A NULL pointer does not point to "one or more addrinfo structures".
> 
>   1. http://pubs.opengroup.org/onlinepubs/9699919799/functions/freeaddrinfo.html

Yeah, I thought that this section might indeed imply that `NULL`
is not considered valid input for this function. Thanks for
confirming!

> > So was this change in behavior intended or is it an unwanted
> > side-effect of the commit in question?
> 
> I would guess it's an unintended, but not necessarily unwanted, side
> effect.  When it's easy to detect such application bugs, musl generally
> opts to fail loudly at the point of error, so these bugs can be noticed
> and fixed by application developers, rather than silently hiding them.

I assumed as much, especially considering that a similar stance
was adopted with regards to closedir(3P). It's annoying that one
frequently has to deal with such issues, but I'd rather blame it
at glibc and dependents who aren't paying attention to standards
instead of blaming it on musl.

I guess I'll try and upstream some patches for inclusion in
nfs-utils to fix the issue.

Patrick

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.