Date: Fri, 13 Jul 2018 17:31:10 -0400 From: Rich Felker <dalias@...c.org> To: musl@...ts.openwall.com Subject: Re: Possible oversight in setvbuf() On Fri, Jul 13, 2018 at 04:40:52PM +0200, Markus Wichmann wrote: > Hi all, > > ungetc() seems to depend on f->buf pointing UNGET bytes into a valid > array. fdopen() will provide such a thing. However, setvbuf() will set > f->buf to the very start of the user provided buffer. Bizarrely, UNGET > is deducted from the buffer size, but not added to the pointer. > Oversight or intentional? Definitely a bug -- thanks for catching this. I guess it's a good thing that the release has been delayed for a while, so it won't be in the wild except where musl git master is in use rather than a release. One thing this highlights is that we could really use better testing and security review process. I'll write and submit a test to libc-test for this, but I'd really like if it we could find someone using musl willing to sponsor continuous or periodic security reviews of changes by a third party. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.