* wcstok(3) code sample
@ 2021-07-12 9:07 Stefan Kanthak
2021-07-12 16:36 ` Jakub Wilk
2021-07-25 20:25 ` Alejandro Colomar (man-pages)
0 siblings, 2 replies; 4+ messages in thread
From: Stefan Kanthak @ 2021-07-12 9:07 UTC (permalink / raw)
To: mtk.manpages, alx.manpages; +Cc: linux-man
Hi,
the examples section of wcstok(3) shows the following code
which exhibits undefined behaviour and typically segfaults:
<https://man7.org/linux/man-pages/man3/wcstok.3.html#EXAMPLES>
| wchar_t *wcs = ...;
| wchar_t *token;
| wchar_t *state;
| for (token = wcstok(wcs, " \t\n", &state);
| token != NULL;
| token = wcstok(NULL, " \t\n", &state)) {
| ...
| }
The string literal pointed to by wcs is read-only, and an
attempt to modify a string literal results in undefined
behaviour; wcstok() but writes NULs into its input string.
FIX: replace the first line with either
| wchar_t *wcs = strdup(...);
or
| wchar_t wcs[] = ...;
regards
Stefan
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: wcstok(3) code sample
2021-07-12 9:07 wcstok(3) code sample Stefan Kanthak
@ 2021-07-12 16:36 ` Jakub Wilk
2021-07-25 20:25 ` Alejandro Colomar (man-pages)
1 sibling, 0 replies; 4+ messages in thread
From: Jakub Wilk @ 2021-07-12 16:36 UTC (permalink / raw)
To: Stefan Kanthak; +Cc: mtk.manpages, alx.manpages, linux-man
* Stefan Kanthak <stefan.kanthak@nexgo.de>, 2021-07-12, 11:07:
>| wchar_t *wcs = strdup(...);
You meant wcsdup().
--
Jakub Wilk
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: wcstok(3) code sample
2021-07-12 9:07 wcstok(3) code sample Stefan Kanthak
2021-07-12 16:36 ` Jakub Wilk
@ 2021-07-25 20:25 ` Alejandro Colomar (man-pages)
2021-07-26 13:13 ` Stefan Kanthak
1 sibling, 1 reply; 4+ messages in thread
From: Alejandro Colomar (man-pages) @ 2021-07-25 20:25 UTC (permalink / raw)
To: Stefan Kanthak; +Cc: linux-man, mtk.manpages
Hi Stefan,
On 7/12/21 11:07 AM, Stefan Kanthak wrote:
> Hi,
>
> the examples section of wcstok(3) shows the following code
> which exhibits undefined behaviour and typically segfaults:
>
> <https://man7.org/linux/man-pages/man3/wcstok.3.html#EXAMPLES>
>
> | wchar_t *wcs = ...;
> | wchar_t *token;
> | wchar_t *state;
> | for (token = wcstok(wcs, " \t\n", &state);
> | token != NULL;
> | token = wcstok(NULL, " \t\n", &state)) {
> | ...
> | }
>
> The string literal pointed to by wcs is read-only, and an
> attempt to modify a string literal results in undefined
> behaviour; wcstok() but writes NULs into its input string.
>
> FIX: replace the first line with either
>
> | wchar_t *wcs = strdup(...);
>
> or
>
> | wchar_t wcs[] = ...;
That code is a bit unfortunate. It is not a complete program, so it can
be interpreted in different ways, one of them the one you said, which
results in UB.
I guess the intent of the code was that wcs was assigned a pointer to a
wchar_t * (not a literal), and therefore, it would be correct. The code
predates version control, so we'll never know...
Would you mind sending a complete example?
Thanks,
Alex
>
> regards
> Stefan
>
--
Alejandro Colomar
Linux man-pages comaintainer; https://www.kernel.org/doc/man-pages/
http://www.alejandro-colomar.es/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: wcstok(3) code sample
2021-07-25 20:25 ` Alejandro Colomar (man-pages)
@ 2021-07-26 13:13 ` Stefan Kanthak
0 siblings, 0 replies; 4+ messages in thread
From: Stefan Kanthak @ 2021-07-26 13:13 UTC (permalink / raw)
To: Alejandro Colomar (man-pages); +Cc: linux-man, mtk.manpages
Hi Alex,
you wrote Sunday, July 25, 2021 10:25 PM:
> Hi Stefan,
>
> On 7/12/21 11:07 AM, Stefan Kanthak wrote:
>> Hi,
>>
>> the examples section of wcstok(3) shows the following code
>> which exhibits undefined behaviour and typically segfaults:
>>
>> <https://man7.org/linux/man-pages/man3/wcstok.3.html#EXAMPLES>
>>
>> | wchar_t *wcs = ...;
>> | wchar_t *token;
>> | wchar_t *state;
>> | for (token = wcstok(wcs, " \t\n", &state);
>> | token != NULL;
>> | token = wcstok(NULL, " \t\n", &state)) {
>> | ...
>> | }
>>
>> The string literal pointed to by wcs is read-only, and an
>> attempt to modify a string literal results in undefined
>> behaviour; wcstok() but writes NULs into its input string.
>>
>> FIX: replace the first line with either
>>
>> | wchar_t *wcs = strdup(...);
>>
>> or
>>
>> | wchar_t wcs[] = ...;
>
> That code is a bit unfortunate.
Yes.
> It is not a complete program, so it can be interpreted in different ways,
> one of them the one you said, which results in UB.
Correct: I interpret such snippets in their worst case and notice olny/first
their vulnerabilities or UB.
> I guess the intent of the code was that wcs was assigned a pointer to a
> wchar_t * (not a literal), and therefore, it would be correct.
Yes.
> The code predates version control, so we'll never know...
>
> Would you mind sending a complete example?
Just add a comment which tells that the string pointed to by wcs must not
be a literal (or read-only).
| wchar_t *wcs[] = ...; // must not point to a literal or read-only memory
regards
Stefan
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-07-26 13:17 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-12 9:07 wcstok(3) code sample Stefan Kanthak
2021-07-12 16:36 ` Jakub Wilk
2021-07-25 20:25 ` Alejandro Colomar (man-pages)
2021-07-26 13:13 ` Stefan Kanthak
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).