* Dmitry V. Levin ([email protected]) wrote: > On Tue, Nov 05, 2013 at 04:19:31PM +0100, Denys Vlasenko wrote: > > On 11/05/2013 01:33 PM, Dr. David Alan Gilbert wrote: > > > * Denys Vlasenko ([email protected]) wrote: > > >> I propose to do simply this: > > >> > > >> + nfds = fdsize; > > >> fdsize = (((fdsize + 7) / 8) + sizeof(long)-1) & -sizeof(long); > > >> + /* We had bugs a-la "while (j < args[0])" and "umoven(args[0])" > > >> below. > > >> + * Instead of args[0], use nfds for fd count, fdsize for array > > >> lengths. > > >> + */ > > >> > > >> and use nfds in those two places where we incorrectly use arg[0] now. > > > > > >>> Thoughts? > > >> > > >> I applied a slightly simplified version of your fix to strace git, > > >> please try it. > > > > > > That still fails (this is FORTIFY detecting the fail). > > > > Please elaborate. You get a warning about access to fd_set->[__]fds_bits > > array past its declared bounds? How it looks? Does strace abort or what? > > sizeof(fd_set) is part of libc ABI, so glibc in _FORTIFY_SOURCE mode > aborts the process using __chk_fail() when descriptor is larger than > allowed value (FD_SETSIZE at the time of compiling glibc). > > > There can be legitimate programs which use select() in excess of > > glibc-imposed > > artificial limit on bit array sizes. > > Yes, the syscall itself imposes no such limitations. > Such programs are more expected to use poll() instead of select(), though. > > > > (I guess you could argue that's a false positive from fortify, but there > > > again I think it is an illegal use of FD_ISSET). > > > > Do you see a reasonably portable way to check FD_ISSET? > > Looks like all FD_ISSET implementations just test the n-th bit in the > array of long ints. I've pushed a commit with yet another FD_ISSET > implementation that hopefully does the same.
That looks like it's done the trick - and I prefer the way your set now just reads and casts argv[0] once. Dave -- -----Open up your eyes, open up your mind, open up your code ------- / Dr. David Alan Gilbert | Running GNU/Linux | Happy \ \ gro.gilbert @ treblig.org | | In Hex / \ _________________________|_____ http://www.treblig.org |_______/ ------------------------------------------------------------------------------ November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk _______________________________________________ Strace-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/strace-devel
