Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <033E85D4-1611-42A8-95D3-76157D18749B@trust-in-soft.com>
Date: Mon, 21 Aug 2017 12:38:14 +0000
From: Pascal Cuoq <cuoq@...st-in-soft.com>
To: "musl@...ts.openwall.com" <musl@...ts.openwall.com>
Subject: Re: musl's putenv makes assumptions about memcmp

Hello Alexander,

Thanks for this pointer. This UB and a similar one in putenv were going to be our next report:

unsetenv:
* rewrite; this fixes UB caused by testing a free'd pointer against
  NULL on entry to subsequent loops.

In the version after your patch, we do not detect any undefined behavior with TIS Interpreter, for the tests we have (libc-testsuite plus one additional test that we wrote to make TIS Interpreter confirm the misuse of memcmp in putenv).

Pascal

On 21 Aug 2017, at 10:02, Alexander Monakov <amonakov@...ras.ru<mailto:amonakov@...ras.ru>> wrote:

*env functions have multiple issues including other UB and a memory leak.

http://openwall.com/lists/musl/2016/03/13/7

Alexander


Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.