Message-ID: <20241029202615.GC10433@brightrain.aerifal.cx>
Date: Tue, 29 Oct 2024 16:26:16 -0400
From: Rich Felker <dalias@...c.org>
To: Thorsten Glaser <tg@...lvis.org>
Cc: musl@...ts.openwall.com, lihua.zhao.cn@...driver.com
Subject: Re: [PATCH] set EINVAL for sigismember when sig is invalid

On Tue, Oct 29, 2024 at 02:12:49PM +0100, Thorsten Glaser wrote:
> On Tue, 29 Oct 2024, lihua.zhao.cn@...driver.com wrote:
>
> > int sigismember(const sigset_t *set, int sig)
> > {
> > unsigned s = sig-1;
> >- if (s >= _NSIG-1) return 0;
> >+ if (s < 0 || s >= _NSIG-1) {
>
> unsigned s can never be 0, and assignment from int will wrap around,
> so the >= is enough.
>
> There’s UB if sig == INT_MIN though.

The UB concern exists for all the existing files, so it should be
fixed there and the same idiom copied to sigismember.

Note that the above patch for sigismember does not catch signal
numbers that are invalid because they're implementation-internal, like
the other sigset functions do. That needs to be fixed, but then the
internal usage in posix_spawn would need to be fixed to match.

>
> - unsigned s = sig-1;
> + unsigned s = sig;
> + ++s;
>
> Or:
>
> - unsigned s = sig-1;
> + unsigned s = (unsigned)sig - 1U;

sig-1U is the idiomatic way we do this.

Rich
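Review bot: In the added line `if (s < 0 || s >= _NSIG-1) {` of the sigismember hunk, `s` is declared `unsigned` two lines above, so the `s < 0` term is always false and adds nothing; the `s >= _NSIG-1` comparison already rejects zero and negative `sig` after wraparound. Drop the `s < 0` term, and write the context line's subtraction as `sig-1U` so it is performed in unsigned arithmetic and cannot overflow for `sig == INT_MIN`.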
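Review bot: The first alternative hunk (`unsigned s = sig;` followed by `++s;`) increments where the removed line `unsigned s = sig-1;` subtracts one, so `s` ends up as sig+1 and the range check and bit index would be off by two. A decrement (`--s;`) would preserve the original value; the second alternative, `(unsigned)sig - 1U`, does not have this problem.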
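The range check discussed in this thread, as an added example that is not musl's source and not part of the original message: a toy signal set whose membership test uses the `sig-1U` idiom and sets EINVAL for out-of-range numbers. `toy_sigset`, `TOY_NSIG` and the `toy_*` functions are assumptions made for the example, and it does not model the implementation-internal signals mentioned above.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>

/* Constructed toy set; TOY_NSIG and the toy_* names are assumptions for
 * this example, not musl's definitions. Valid signals: 1..TOY_NSIG-1. */
#define TOY_NSIG 65
#define WORD_BITS (CHAR_BIT * sizeof(unsigned long))

typedef struct {
	unsigned long bits[(TOY_NSIG - 1 + WORD_BITS - 1) / WORD_BITS];
} toy_sigset;

/* Map sig to a zero-based bit index, or return -1 with errno = EINVAL.
 * sig - 1U converts sig to unsigned before subtracting, so the math is
 * modular: no signed overflow for INT_MIN, and zero or negative values
 * wrap to huge numbers that the single >= comparison rejects. */
static int toy_sig_index(int sig, unsigned *idx)
{
	unsigned s = sig - 1U;
	if (s >= TOY_NSIG - 1U) { errno = EINVAL; return -1; }
	*idx = s;
	return 0;
}

int toy_sigaddset(toy_sigset *set, int sig)
{
	unsigned s;
	if (toy_sig_index(sig, &s) < 0) return -1;
	set->bits[s / WORD_BITS] |= 1UL << (s % WORD_BITS);
	return 0;
}

int toy_sigismember(const toy_sigset *set, int sig)
{
	unsigned s;
	if (toy_sig_index(sig, &s) < 0) return -1;
	return !!(set->bits[s / WORD_BITS] & (1UL << (s % WORD_BITS)));
}

int main(void)
{
	toy_sigset set = {{0}};
	int probes[] = { INT_MIN, -1, 0, 2, TOY_NSIG - 1, TOY_NSIG };
	toy_sigaddset(&set, 2);
	for (size_t i = 0; i < sizeof probes / sizeof *probes; i++)
		printf("sig=%d -> %d\n", probes[i], toy_sigismember(&set, probes[i]));
	return 0;
}
```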