This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] Ensure __libc_message does not blindly write toSTDERR_FILENO.


On Mon, Apr 16, 2012 at 09:20:52AM +0000, William Pitcock wrote:
> diff --git a/ChangeLog b/ChangeLog
> index 95c737f..dec88f7 100644
> --- a/ChangeLog
> +++ b/ChangeLog
> @@ -1,3 +1,12 @@
> +2012-04-16  William Pitcock  <nenolod@dereferenced.org>
> +
> +	[BZ #13983]
> +	* sysdeps/posix/libc_fatal.c (__libc_message): In the event that
> +	  stderr has been closed using fclose(), we should not try to use
> +	  STDERR_FILENO.
> +	  Doing so may result in blind private information leaks.
> +	* sysdeps/unix/sysv/linux/libc_fatal.c (__libc_message): Likewise.

CL entry shouldn't be a part of the patch.

> diff --git a/sysdeps/posix/libc_fatal.c b/sysdeps/posix/libc_fatal.c
> index 62acb9b..863d978 100644
> --- a/sysdeps/posix/libc_fatal.c
> +++ b/sysdeps/posix/libc_fatal.c
> @@ -65,8 +65,14 @@ __libc_message (int do_abort, const char *fmt, ...)
>    if (on_2 == NULL || *on_2 == '\0')
>      fd = open_not_cancel_2 (_PATH_TTY, O_RDWR | O_NOCTTY | O_NDELAY);
>  
> -  if (fd == -1)
> -    fd = STDERR_FILENO;
> +  /* _IO_stderr stays around forever even through fclose(), use it to learn
> +     if stderr is still opened or not.  if stderr is not opened, then _fileno

Capital `I' at the start of the sentence.

> +     is -1.  We *must* use _IO_stderr and not stderr, as stderr can be overriden
> +     by the application. */

Two spaces after `.'.

> +  if (fd == -1 && _IO_stderr->_fileno == STDERR_FILENO)

Wonder whether we shouldn't guard the second condition like this:

__builtin_expect (_IO_stderr->_fileno == STDERR_FILENO, 1)

as closed stderr is quite a rare case.

	Marek


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]