[RFC PATCH v2 babeltrace] Fix: Check return value of fpathconf

[RFC PATCH v2 babeltrace] Fix: Check return value of fpathconf

[Michael Jeanson]

Current glibc has a bug in fpathconf(fd, _PC_NAME_MAX) where it will
fail with a 32bit userland on a 64bit kernel and where the filesystem
has a large block count, see glibc bug #18675.

In any case, we should check this return value because on a failure we
we don't allocate enough memory for dirent and then overflow on the
readdir_r call.

This patch is an RFC, I'm not sure what is the best way to handle the
failure, should we instead fallback on using the global "NAME_MAX"?

Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
---
 formats/ctf/ctf.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/formats/ctf/ctf.c b/formats/ctf/ctf.c
index a617497..e626c6c 100644
--- a/formats/ctf/ctf.c
+++ b/formats/ctf/ctf.c
@@ -2113,6 +2113,7 @@ int ctf_open_trace_read(struct ctf_trace *td,
 	struct dirent *dirent;
 	struct dirent *diriter;
 	size_t dirent_len;
+	int pc_name_max;
 	char *ext;
 
 	td->flags = flags;
@@ -2162,8 +2163,15 @@ int ctf_open_trace_read(struct ctf_trace *td,
 	 * the stream array.
 	 */
 
-	dirent_len = offsetof(struct dirent, d_name) +
-			fpathconf(td->dirfd, _PC_NAME_MAX) + 1;
+	pc_name_max = fpathconf(td->dirfd, _PC_NAME_MAX);
+	if (pc_name_max < 0) {
+		perror("Error on fpathconf");
+		fprintf(stderr, "[error] Failed to get _PC_NAME_MAX for path \"%s\".\n", path);
+		ret = -1;
+		goto error_metadata;
+	}
+
+	dirent_len = offsetof(struct dirent, d_name) + pc_name_max + 1;
 
 	dirent = malloc(dirent_len);
 
-- 
1.9.1

Re: [RFC PATCH v2 babeltrace] Fix: Check return value of fpathconf

[Jérémie Galarneau]

Merged, thanks!

Jérémie

On Fri, Dec 4, 2015 at 5:03 PM, Michael Jeanson <mjeanson@efficios.com> wrote:
> Current glibc has a bug in fpathconf(fd, _PC_NAME_MAX) where it will
> fail with a 32bit userland on a 64bit kernel and where the filesystem
> has a large block count, see glibc bug #18675.
>
> In any case, we should check this return value because on a failure we
> we don't allocate enough memory for dirent and then overflow on the
> readdir_r call.
>
> This patch is an RFC, I'm not sure what is the best way to handle the
> failure, should we instead fallback on using the global "NAME_MAX"?
>
> Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
> ---
>  formats/ctf/ctf.c | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/formats/ctf/ctf.c b/formats/ctf/ctf.c
> index a617497..e626c6c 100644
> --- a/formats/ctf/ctf.c
> +++ b/formats/ctf/ctf.c
> @@ -2113,6 +2113,7 @@ int ctf_open_trace_read(struct ctf_trace *td,
>         struct dirent *dirent;
>         struct dirent *diriter;
>         size_t dirent_len;
> +       int pc_name_max;
>         char *ext;
>
>         td->flags = flags;
> @@ -2162,8 +2163,15 @@ int ctf_open_trace_read(struct ctf_trace *td,
>          * the stream array.
>          */
>
> -       dirent_len = offsetof(struct dirent, d_name) +
> -                       fpathconf(td->dirfd, _PC_NAME_MAX) + 1;
> +       pc_name_max = fpathconf(td->dirfd, _PC_NAME_MAX);
> +       if (pc_name_max < 0) {
> +               perror("Error on fpathconf");
> +               fprintf(stderr, "[error] Failed to get _PC_NAME_MAX for path \"%s\".\n", path);
> +               ret = -1;
> +               goto error_metadata;
> +       }
> +
> +       dirent_len = offsetof(struct dirent, d_name) + pc_name_max + 1;
>
>         dirent = malloc(dirent_len);
>
> --
> 1.9.1
>



-- 
Jérémie Galarneau
EfficiOS Inc.
http://www.efficios.com

_______________________________________________
lttng-dev mailing list
lttng-dev@lists.lttng.org
http://lists.lttng.org/cgi-bin/mailman/listinfo/lttng-dev