Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 14 Jan 2013 16:57:00 -0500
From: Rich Felker <dalias@...ifal.cx>
To: musl@...ts.openwall.com
Subject: Re: minor issues (found by cppcheck)

On Mon, Jan 14, 2013 at 10:23:50PM +0100, Szabolcs Nagy wrote:
> * Rich Felker <dalias@...ifal.cx> [2013-01-14 16:05:41 -0500]:
> > On Mon, Jan 14, 2013 at 08:41:47PM +0100, Szabolcs Nagy wrote:
> > > getmntent_r has a sscanf with %d,
> > > it might make sense to limit the width
> > 
> > I think the error is irrelevant for %d unless we're talking about the
> > theoretical UB for integer overflow, but that doesn't seem to be what
> > this warning is about. Anyway, musl's scanf has well-defined overflow
> > behavior.
> 
> i mean if there is a very long digit sequence in the input
> it may make sense to fail early, eg use %11d and with a final
> %n we could check if the input is read correctly
> 
> assuming we want to report failure on invalid input

Is a line containing a number 1 represented as a billion zeros
followed by a 1 "invalid input"? It's pathological, but I don't see
any reason to go out of our way to treat it as invalid, especially
since the files being parsed by this function are provided either by
root or by the invoking user (usually by root).

Rich

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.