This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/11892] putenv()/setenv() unbounded alloca()
- From: "kees at outflux dot net" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: 12 Sep 2010 15:34:28 -0000
- Subject: [Bug libc/11892] putenv()/setenv() unbounded alloca()
- References: <20100806210209.11892.cdn@chromium.org>
- Reply-to: sourceware-bugzilla at sourceware dot org
------- Additional Comments From kees at outflux dot net 2010-09-12 15:34 -------
In /proc/$pid/maps:
fffdd000-ffffe000 rw-p 00000000 00:00 0 [stack]
And from the registers after a crash running this as "./env 100000000":
esp 0xfd04e510 0xfd04e510
This appears to "just" be a case of running out of stack memory. Doing
breakpoints before/after the putenv, it looks like stack memory is being
accounted for correctly, so I'm not clear how this could cause corruption:
(gdb) run 10000
Breakpoint 1, main (argc=2, argv=0xffffd6b4) at env.c:13
13 putenv(name);
(gdb) info reg
...
esp 0xffffd5d0 0xffffd5d0
(gdb) cont
Continuing.
Breakpoint 2, main (argc=2, argv=0xffffd6b4) at env.c:14
14 return 0;
(gdb) info reg
...
esp 0xffffd5d0 0xffffd5d0
--
What   | Removed | Added
-------|---------|--------
Status | NEW     | WAITING
http://sourceware.org/bugzilla/show_bug.cgi?id=11892
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
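The pattern the comment describes, as an added example that is not code from the bug report or from glibc: the name part of a caller-supplied "NAME=value" string is copied to the stack with alloca() sized by that string, so a name of 100,000,000 bytes (the "./env 100000000" run above) exhausts the stack. Beside it is a bounded variant that takes the alloca() path only below a fixed threshold and falls back to malloc() above it. The threshold, the demo environment array and every function name here are assumptions for the example, not glibc's implementation.

```c
#include <alloca.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed threshold for this example: name copies larger than this go to the
   heap instead of the stack. glibc's own cutoff is not reproduced here. */
#define ALLOCA_LIMIT 4096

/* Constructed stand-in for the process environment (not the real environ). */
static char *demo_environ[] = { "HOME=/home/demo", "SHELL=/bin/sh", NULL };

/* Look up a NUL-terminated name of length namelen in the demo environment. */
static int name_in_environ(const char *name, size_t namelen)
{
    for (char **ep = demo_environ; *ep != NULL; ++ep)
        if (strncmp(*ep, name, namelen) == 0 && (*ep)[namelen] == '=')
            return 1;
    return 0;
}

/* The pattern the bug is about: the name part of "NAME=value" is copied to
   the stack with alloca() sized by the caller's string. A name of
   100,000,000 bytes exhausts the stack here, as in "./env 100000000".
   Returns 1 if found, 0 if not, -1 if there is no '='. */
int env_name_present_unbounded(const char *string)
{
    const char *eq = strchr(string, '=');
    if (eq == NULL)
        return -1;
    size_t namelen = (size_t)(eq - string);
    char *name = alloca(namelen + 1);          /* unbounded stack growth */
    memcpy(name, string, namelen);
    name[namelen] = '\0';
    return name_in_environ(name, namelen);
}

/* Bounded variant: alloca() only below ALLOCA_LIMIT, malloc() otherwise.
   *used_heap reports which path was taken. Returns 1/0/-1 as above. */
static int name_present_bounded(const char *string, bool *used_heap)
{
    const char *eq = strchr(string, '=');
    if (eq == NULL)
        return -1;
    size_t namelen = (size_t)(eq - string);
    bool heap = namelen + 1 > ALLOCA_LIMIT;
    char *name;
    if (heap) {
        name = malloc(namelen + 1);            /* large: heap, freed below */
        if (name == NULL)
            return -1;
    } else {
        name = alloca(namelen + 1);            /* small: at most ALLOCA_LIMIT */
    }
    memcpy(name, string, namelen);
    name[namelen] = '\0';
    int found = name_in_environ(name, namelen);
    if (heap)
        free(name);
    if (used_heap)
        *used_heap = heap;
    return found;
}

int env_name_present(const char *string)
{
    return name_present_bounded(string, NULL);
}

/* Driver: builds "AAA...A=x" with a name of the given length and returns
   1 if the bounded path used the heap, 0 if it used the stack, -1 on error. */
int demo_heap_used_for(size_t namelen)
{
    char *s = malloc(namelen + 3);
    if (s == NULL)
        return -1;
    memset(s, 'A', namelen);
    s[namelen] = '=';
    s[namelen + 1] = 'x';
    s[namelen + 2] = '\0';
    bool heap = false;
    int rc = name_present_bounded(s, &heap);
    free(s);
    return rc < 0 ? -1 : (heap ? 1 : 0);
}

int main(void)
{
    /* The unbounded variant is deliberately called only with a short name;
       passing it a 100,000,000-byte name reproduces the crash in the report. */
    printf("HOME present (unbounded): %d\n", env_name_present_unbounded("HOME=/tmp"));
    printf("HOME present (bounded):   %d\n", env_name_present("HOME=/tmp"));
    printf("100000000-byte name used heap: %d\n", demo_heap_used_for(100000000));
    return 0;
}
```

The bounded path keeps the stack frame within a known size regardless of input length, which is the property the "esp 0xfd04e510" register dump above shows the unbounded path lacks; the cost is one malloc()/free() pair for oversized names.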