Re: [Qemu-devel] [PATCH] linux-user: Support setgroups syscall with no g


From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH] linux-user: Support setgroups syscall with no groups
Date: Mon, 04 Feb 2013 14:25:08 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2

On 02/04/2013 02:07 PM, Peter Maydell wrote:
> On 4 February 2013 18:38, Eric Blake <address@hidden> wrote:
>> On 02/02/2013 04:04 PM, address@hidden wrote:
>>> -
>>> -            grouplist = alloca(gidsetsize * sizeof(gid_t));
>>> -            target_grouplist = lock_user(VERIFY_READ, arg2, gidsetsize * 
>>> 2, 1);
>>> -            if (!target_grouplist) {
>>> -                ret = -TARGET_EFAULT;
>>> -                goto fail;
>>> +            if (gidsetsize) {
>>> +                grouplist = alloca(gidsetsize * sizeof(gid_t));
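Review bot: In the added line "grouplist = alloca(gidsetsize * sizeof(gid_t));", the new "if (gidsetsize)" guard only excludes zero, so the stack allocation is still sized directly from gidsetsize with no upper bound visible in this hunk. Consider rejecting counts above a fixed limit before allocating (for example NGROUPS_MAX, returning -TARGET_EINVAL), or switching to a heap allocation whose failure can be reported, so that an oversized count cannot exhaust the stack.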
>>
>> Is this alloca() safe, or are you risking stack overflow if the user
>> passes an extremely large arg1?
> 
> No, the linux-user has a number of long-standing not-terribly-safe
> alloca calls like this. If anybody wants to go through and fix them
> patches are welcome, but I don't think it's fair to require them
> to be fixed in order to get fairly simple patches like this in,
> where the patch is merely reindenting existing dubious code, not
> adding to the problem.

Point taken - the abuse of alloca() is pre-existing, so it shouldn't
block this particular patch.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org
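
The alloca() concern discussed in this thread, as an added example that is not part of the original message or of QEMU's code: the guest-supplied count is bounded and the list is heap-allocated, so an oversized request fails with an error instead of overrunning the stack. The helper name convert_grouplist, the cap EXAMPLE_MAX_GROUPS and the 16-bit guest ID width are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/types.h>

/* Assumed cap for this example; Linux rejects setgroups() counts above
 * NGROUPS_MAX (65536). */
#define EXAMPLE_MAX_GROUPS 65536

/*
 * Hypothetical helper: widen `count` 16-bit guest group IDs into a heap
 * array of host gid_t. Returns 0 and sets *out (NULL when count == 0),
 * or a negative errno value. The caller frees *out.
 */
static int convert_grouplist(const uint16_t *guest, long count, gid_t **out)
{
    *out = NULL;
    /* Reject negative or oversized counts before any size arithmetic. */
    if (count < 0 || count > EXAMPLE_MAX_GROUPS) {
        return -EINVAL;
    }
    if (count == 0) {
        return 0;           /* "no groups": nothing to allocate or read */
    }
    if (guest == NULL) {
        return -EFAULT;
    }
    /* calloc checks count * size for overflow and can fail cleanly,
     * which alloca cannot. */
    gid_t *list = calloc((size_t)count, sizeof(gid_t));
    if (list == NULL) {
        return -ENOMEM;
    }
    for (long i = 0; i < count; i++) {
        list[i] = guest[i];
    }
    *out = list;
    return 0;
}

int main(void)
{
    const uint16_t guest[] = { 100, 1000, 65534 };  /* constructed sample */
    gid_t *list = NULL;
    int rc = convert_grouplist(guest, 3, &list);
    free(list);
    return rc == 0 ? 0 : 1;
}
```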
