This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug libc/11892] putenv()/setenv() unbounded alloca()


------- Additional Comments From kees at outflux dot net  2010-09-12 15:34 -------
In /proc/$pid/maps:

fffdd000-ffffe000 rw-p 00000000 00:00 0                                  [stack]

And from the registers after a crash running this as "./env 100000000":

esp            0xfd04e510	0xfd04e510

This appears to "just" be a case of running out of stack memory. Doing
breakpoints before/after the putenv, it looks like stack memory is being
accounted for correctly, so I'm not clear how this could cause corruption:

(gdb) run 10000
Breakpoint 1, main (argc=2, argv=0xffffd6b4) at env.c:13
13	  putenv(name);
(gdb) info reg
...
esp            0xffffd5d0	0xffffd5d0
(gdb) cont
Continuing.

Breakpoint 2, main (argc=2, argv=0xffffd6b4) at env.c:14
14	  return 0;
(gdb) info reg
...
esp            0xffffd5d0	0xffffd5d0


-- 
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |WAITING


http://sourceware.org/bugzilla/show_bug.cgi?id=11892
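
The comparison made in the comment above (crash-time esp against the [stack] range from /proc/$pid/maps), as an added example that is not part of the original message or of glibc. The names `find_stack` and `classify_sp` and the first sample maps line are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum sp_state { SP_NO_STACK_MAP = -1, SP_INSIDE, SP_BELOW, SP_ABOVE };
/* First line is constructed; the [stack] line is the one quoted in the comment. */
static const char SAMPLE_MAPS[] =
    "08048000-08049000 r-xp 00000000 08:01 1234       /tmp/env\n"
    "fffdd000-ffffe000 rw-p 00000000 00:00 0                                  [stack]\n";

/* Find the [stack] line in /proc/<pid>/maps text; returns 1 and sets lo/hi if found. */
static int find_stack(const char *maps, uint64_t *lo, uint64_t *hi)
{
    for (const char *line = maps; line && *line; ) {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        char buf[256];
        unsigned long long a, b;
        if (len < sizeof buf) {
            memcpy(buf, line, len);
            buf[len] = '\0';
            if (strstr(buf, "[stack]") && sscanf(buf, "%llx-%llx", &a, &b) == 2) {
                *lo = a; *hi = b;
                return 1;
            }
        }
        line = eol ? eol + 1 : NULL;
    }
    return 0;
}

/* Classify sp against the mapping; *gap is how far outside it lies (0 if inside). */
enum sp_state classify_sp(const char *maps, uint64_t sp, uint64_t *gap)
{
    uint64_t lo, hi;
    *gap = 0;
    if (!find_stack(maps, &lo, &hi)) return SP_NO_STACK_MAP;
    if (sp < lo)  { *gap = lo - sp; return SP_BELOW; }  /* ran past the mapped stack */
    if (sp >= hi) { *gap = sp - hi; return SP_ABOVE; }
    return SP_INSIDE;
}

int main(void)
{
    uint64_t gap;
    enum sp_state s = classify_sp(SAMPLE_MAPS, 0xfd04e510ULL, &gap); /* esp at crash */
    printf("state=%d, %llu bytes outside [stack]\n", s, (unsigned long long)gap);
    return 0;
}
```

For the esp quoted from the crash this returns SP_BELOW, with the stack pointer well under the low end of the mapping, which is consistent with the comment's reading of stack exhaustion.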
