aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoseph Myers <joseph@codesourcery.com>2017-12-18 18:50:40 +0000
committerJoseph Myers <joseph@codesourcery.com>2017-12-18 18:50:40 +0000
commit49b036bce9f021ae994a85aee8b410d20b29c8b7 (patch)
treef0100e6d1378252d9cb40f96982b245ab69a657c
parentc85c564d1442f0bc09a6c80fca025f004e12d044 (diff)
downloadglibc-49b036bce9f021ae994a85aee8b410d20b29c8b7.zip
glibc-49b036bce9f021ae994a85aee8b410d20b29c8b7.tar.gz
glibc-49b036bce9f021ae994a85aee8b410d20b29c8b7.tar.bz2
Fix nscd readlink argument aliasing (bug 22446).
Current GCC mainline detects that nscd calls readlink with the same buffer for both input and output, which is not valid (those arguments are both restrict-qualified in POSIX). This patch makes it use a separate buffer for readlink's input (with a size that is sufficient to avoid truncation, so there should be no problems with warnings about possible truncation, though not strictly minimal, but much smaller than the buffer for output) to avoid this problem. Tested compilation for aarch64-linux-gnu with build-many-glibcs.py. [BZ #22446] * nscd/connections.c (handle_request) [SO_PEERCRED]: Use separate buffers for readlink input and output.
-rw-r--r--ChangeLog6
-rw-r--r--nscd/connections.c5
2 files changed, 9 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 31b25ab..c5ee8fc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2017-12-18 Joseph Myers <joseph@codesourcery.com>
+
+ [BZ #22446]
+ * nscd/connections.c (handle_request) [SO_PEERCRED]: Use separate
+ buffers for readlink input and output.
+
2017-12-18 Sergei Trofimovich <slyfox@gentoo.org>
[BZ #22624]
diff --git a/nscd/connections.c b/nscd/connections.c
index cc1ed72..dab722d 100644
--- a/nscd/connections.c
+++ b/nscd/connections.c
@@ -1077,14 +1077,15 @@ cannot handle old request version %d; current version is %d"),
if (debug_level > 0)
{
#ifdef SO_PEERCRED
+ char pbuf[sizeof ("/proc//exe") + 3 * sizeof (long int)];
# ifdef PATH_MAX
char buf[PATH_MAX];
# else
char buf[4096];
# endif
- snprintf (buf, sizeof (buf), "/proc/%ld/exe", (long int) pid);
- ssize_t n = readlink (buf, buf, sizeof (buf) - 1);
+ snprintf (pbuf, sizeof (pbuf), "/proc/%ld/exe", (long int) pid);
+ ssize_t n = readlink (pbuf, buf, sizeof (buf) - 1);
if (n <= 0)
dbg_log (_("\