Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 6 Mar 2016 22:13:16 +0100
From: Szabolcs Nagy <nsz@...t70.net>
To: musl@...ts.openwall.com
Cc: Alexander Monakov <amonakov@...ras.ru>
Subject: Re: [libc-test][PATCH] add putenv double-free regression test

* Alexander Monakov <amonakov@...ras.ru> [2016-03-06 22:41:14 +0300]:
> ---
> I see the musl patch has been committed, so here's the corresponding libc-test
> regression test.
> 
> It's pretty bare-bones since it just relies on libc's built-in double-free
> detection.
> 
> Also it's pretty lazy to use _GNU_SOURCE ftm to get putenv; I'm not sure
> what's the expected style in libc-test for such things though.
> src/functional/env.c also uses _GNU_SOURCE.
> 

thanks, applied.

used _XOPEN_SOURCE that is at least a standard.

>  src/regression/putenv-doublefree.c | 16 ++++++++++++++++
>  1 file changed, 16 insertions(+)
>  create mode 100644 src/regression/putenv-doublefree.c
> 
> diff --git a/src/regression/putenv-doublefree.c b/src/regression/putenv-doublefree.c
> new file mode 100644
> index 0000000..f3a1f6c
> --- /dev/null
> +++ b/src/regression/putenv-doublefree.c
> @@ -0,0 +1,16 @@
> +// commit 9543656cc32fda48fc463f332ee20e91eed2b768 2016-03-06
> +// __putenv could be confused into freeing storage that does not belong to the implementation
> +#define _GNU_SOURCE
> +#include <stdlib.h>
> +#include <string.h>
> +
> +int main(void)
> +{
> +	setenv("A", "1", 1);
> +	setenv("A", "2", 1);
> +	char *c = strdup("A=3");
> +	putenv(c);
> +	setenv("A", "4", 1);
> +	free(c);
> +	return 0;
> +}
> -- 
> 2.1.3

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.