[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] vasnprintf: fix potential use after free
|
From: |
Eric Blake |
|
Subject: |
Re: [PATCH] vasnprintf: fix potential use after free |
|
Date: |
Mon, 08 Dec 2014 08:24:01 -0700 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 |
On 12/07/2014 07:29 PM, Paul Eggert wrote:
> Pádraig Brady wrote:
>> BTW if free() may reset errno on some platforms then it's
>> probably worth augmenting the gnulib free() wrapper
>> to restore errno if needed,
>
> The documented GNU behavior for 'free' allows 'free' to set errno,
> right? So why should the corresponding gnulib wrapper guarantee
> behavior above and beyond what GNU implements?
Only implicitly (basically, any function that does not explicitly state
that errno is left unchanged is free to change errno as a side effect on
success). But the POSIX proposal is that free should be one of the
functions that guarantees that errno can't be clobbered on success; and
GNU should probably implement that now rather than waiting a few years
for the POSIX proposal to become standardized.
>
> It might make sense to have a variant of 'free' that preserves errno,
> but we should probably give the variant a different name. 'noerr_free',
> say.
I'm not sure a variant is needed; if we can get glibc to guarantee the
POSIX proposal now, then we would merely be guaranteeing sane behavior
on all platforms.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature