RFR(S): 8252407: Build failure with gcc-8+ and asan
Florian Weimer
fweimer at redhat.com
Fri Sep 4 11:50:55 UTC 2020
* Daniel Fuchs:
> Hi,
>
> On 02/09/2020 08:19, Florian Weimer wrote:
>> At least one of the bugs was in theory user-visible: the network
>> interface code would return data for an interface that does not actually
>> exist on the system.
>
> WRT NetworkInterface.c, I might support using `strnlen` to check
> the length before hand, if that solves both cases (gcc8 and gcc10).
> I'm always a bit nervous of changing the behavior in this library
> as it's hard to verify that no regression is introduced.
I think you should use strlen. If the string is longer than the buffer
sent to the kernel, it cannot match an existing interface because all
the names are shorter. So some sort of “not found” error needs to
reported.
(I assume that it's actually a bug that you can look up a network
interface by a name that merely shares the same prefix with an actual
interface on the system.)
Thanks,
Florian
More information about the core-libs-dev
mailing list