This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/15002] New: Avoid undefined behavior in posix_fallocate overflow check
- From: "nickolai at csail dot mit.edu" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Tue, 08 Jan 2013 04:58:30 +0000
- Subject: [Bug libc/15002] New: Avoid undefined behavior in posix_fallocate overflow check
- Auto-submitted: auto-generated
http://sourceware.org/bugzilla/show_bug.cgi?id=15002
Bug #: 15002
Summary: Avoid undefined behavior in posix_fallocate overflow check
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: unassigned@sourceware.org
ReportedBy: nickolai@csail.mit.edu
CC: drepper.fsp@gmail.com
Classification: Unclassified
Created attachment 6802
--> http://sourceware.org/bugzilla/attachment.cgi?id=6802
proposed fix
posix_fallocate relies on wraparound to check whether offset + len overflows.
As both are signed values, this is undefined behavior in C, and some compilers
(e.g., gcc-4.7.2) will optimize away the if (offset + len < 0) check as dead
code, since it is already known that offset >= 0 and len >= 0. The attached
patch replaces the check with one that does not rely on undefined behavior.
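The check pattern the report describes, next to two forms that do not depend on signed wraparound, as an added C example (it is not the attached patch and not glibc's code). The function names, the use of int64_t in place of off_t, and the EINVAL/EFBIG return values are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: int64_t stands in for the 64-bit off_t of posix_fallocate. */

/* "Before": once offset >= 0 and len >= 0 are established, the compiler
 * may assume offset + len cannot overflow (signed overflow is undefined)
 * and delete the second test as dead code. Kept for comparison only;
 * it is never called with overflowing inputs in this example. */
int check_range_wraparound(int64_t offset, int64_t len)
{
    if (offset < 0 || len < 0)
        return EINVAL;
    if (offset + len < 0)          /* undefined behavior on overflow */
        return EFBIG;
    return 0;
}

/* "After": compare len against the remaining headroom; nothing overflows. */
int check_range_safe(int64_t offset, int64_t len)
{
    if (offset < 0 || len < 0)
        return EINVAL;
    if (len > INT64_MAX - offset)  /* offset >= 0, so the subtraction is safe */
        return EFBIG;
    return 0;
}

/* Alternative: the GCC/Clang checked-arithmetic builtin. */
int check_range_builtin(int64_t offset, int64_t len)
{
    int64_t end;
    if (offset < 0 || len < 0)
        return EINVAL;
    return __builtin_add_overflow(offset, len, &end) ? EFBIG : 0;
}

int main(void)
{
    /* Constructed inputs; the last pair is the overflowing case. */
    int64_t c[][2] = { {0, 4096}, {INT64_MAX - 1, 1}, {INT64_MAX, 1} };
    for (size_t i = 0; i < sizeof c / sizeof c[0]; i++)
        printf("offset=%lld len=%lld -> %d\n", (long long)c[i][0],
               (long long)c[i][1], check_range_safe(c[i][0], c[i][1]));
    return 0;
}
```

Compiling with `-fsanitize=signed-integer-overflow` or `-ftrapv` is one way to find remaining wraparound-style checks during testing.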