Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 2 Jan 2018 21:51:30 -0500
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: a third bug in musl clone()

On Tue, Jan 02, 2018 at 11:09:24PM +0100, Florian Weimer wrote:
> On 01/02/2018 08:58 PM, Rich Felker wrote:
> >In any case it should be fixed by checking flags.
> 
> I think this would be worse than the cure because it results in
> subtle bugs if the kernel adds more flags which require different
> argument counts.  We saw that with O_TMPFILE and open/openat.

Wasn't that just a bug with O_TMPFILE having implicit O_CREAT but not
having the actual O_CREAT bit set in its value? I understand the
sentiment here but I think if we're really worried about that we could
just fail with EINVAL for unknown flags (requiring a sufficiently new
libc.so to be aware of the flags) rather than leaving the UB in place.

Rich

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ