Adhemerval Zanella 6c9e1be87a Fix writes past the allocated array bounds in execvpe (BZ#20847)
This patch fixes an invalid write out of stack allocated buffer in
2 places at execvpe implementation:

  1. On 'maybe_script_execute' function where it allocates the new
     argument list and it does not account that a minimum of argc
     plus 3 elements (default shell path, script name, arguments,
     and ending null pointer) should be considered.  The straightforward
     fix is just to take account of the correct list size on argument
     copy.

  2. On '__execvpe' where the executable file name length may not
     account for ending '\0' and thus subsequent path creation may
     write past array bounds because it requires to add the terminating
     null.  The fix is to change how to calculate the executable name
     size to add the final '\0' and adjust the rest of the code
     accordingly.

As described in GCC bug report 78433 [1], these issues were masked off by
GCC because it allocated several bytes more than necessary so that many
off-by-one bugs went unnoticed.

Checked on x86_64 with a latest GCC (7.0.0 20161121) with -O3 on CFLAGS.

	[BZ #20847]
	* posix/execvpe.c (maybe_script_execute): Remove write past allocated
	array bounds.
	(__execvpe): Likewise.

[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78433
2016-11-22 10:23:07 -02:00
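
The two sizing rules described in the commit message above, as an added C illustration that is not glibc's code: the shell-fallback argument list is sized by counting every slot it holds, and the path buffer counts the terminating '\0' exactly once. The names script_argv_slots, build_script_argv, join_candidate and SHELL_PATH are hypothetical, and the sketch uses heap allocation instead of a stack array.

```c
#include <stdlib.h>
#include <string.h>
#define SHELL_PATH "/bin/sh"   /* assumed default shell path */

/* Slots for the fallback argv: shell, script, the caller's arguments
   after argv[0], and the terminating NULL pointer.  */
size_t script_argv_slots(size_t argc)
{
    return argc > 1 ? argc + 2 : 3;
}

/* Build {shell, file, argv[1..], NULL}; the caller frees the result.  */
char **build_script_argv(const char *file, char *const argv[])
{
    size_t argc = 0;
    while (argv[argc] != NULL)
        argc++;
    char **out = calloc(script_argv_slots(argc), sizeof *out);
    if (out == NULL)
        return NULL;
    out[0] = (char *) SHELL_PATH;
    out[1] = (char *) file;
    if (argc > 1)   /* calloc already left the last slot NULL */
        memcpy(out + 2, argv + 1, (argc - 1) * sizeof *out);
    return out;
}

/* Write "dir/file" into buf.  file_size counts the '\0' once, so the bound
   check and the copy agree.  Returns bytes written, 0 if buf is too small.  */
size_t join_candidate(char *buf, size_t buf_cap,
                      const char *dir, size_t dir_len, const char *file)
{
    size_t file_size = strlen(file) + 1;
    size_t need = dir_len + 1 + file_size;
    if (need > buf_cap)
        return 0;
    memcpy(buf, dir, dir_len);
    buf[dir_len] = '/';
    memcpy(buf + dir_len + 1, file, file_size);
    return need;
}

int main(void)
{
    char *args[] = { "script", "-v", NULL };   /* constructed sample */
    char **v = build_script_argv("./script", args);
    char buf[8];
    int ok = v && !v[3] && join_candidate(buf, sizeof buf, "/bin", 4, "ls") == 8;
    free(v);
    return ok ? 0 : 1;
}
```
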
argp Installed-header hygiene (BZ#20366): Simple self-contained fixes. 2016-09-23 08:43:55 -04:00
assert Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
benchtests Use -fno-builtin for sqrt benchmark. 2016-10-21 21:18:03 +00:00
bits Consolidate Linux setrlimit and getrlimit implementation 2016-11-17 15:54:22 -02:00
catgets Fix building glibc master with NDEBUG and --with-cpu. 2016-03-15 23:23:24 -04:00
conform Enable linknamespace testing for libdl and libcrypt. 2016-11-16 22:47:57 +00:00
crypt Fix crypt snprintf namespace (bug 20829). 2016-11-16 22:46:48 +00:00
csu Remove __libc_csu_irel declaration 2016-09-10 15:50:53 +05:30
ctype Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
debug Add tests for fortification of bcopy and bzero. 2016-08-19 09:04:35 -04:00
dirent Deprecate readdir_r, readdir64_r [BZ #19056] 2016-02-20 12:56:55 +01:00
dlfcn Fix warning caused by unused-result in bug-atexit3-lib.cc 2016-10-28 19:26:14 -02:00
elf Add include/crypt.h. 2016-10-28 22:40:16 -04:00
gmon Installed-header hygiene (BZ#20366): obsolete BSD u_* types. 2016-09-23 08:43:56 -04:00
gnulib Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
grp Don't install the internal header grp-merge.h 2016-07-18 09:33:21 -03:00
gshadow Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
hesiod hesiod: Avoid heap overflow in get_txt_records [BZ #20031] 2016-05-02 16:04:32 +02:00
hurd Fix hurd __access_noerrno implementation. 2016-11-18 16:49:08 -02:00
iconv gconv.h: fix build with GCC 7 2016-11-06 21:33:10 +01:00
iconvdata Bug 20729: Fix building with -Os. 2016-10-29 23:50:56 -04:00
include Fix hurd __access_noerrno implementation. 2016-11-18 16:49:08 -02:00
inet Installed-header hygiene (BZ#20366): conditionally defined structures. 2016-09-23 08:43:56 -04:00
intl hurd: fix pathconf visibility 2016-09-18 23:45:12 +02:00
io New internal function __access_noerrno 2016-11-16 15:53:58 -02:00
libidn Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
libio Fix tst-memstream3 build failure 2016-10-02 10:24:32 -03:00
locale Bug 20729: Include libc-internal.h where required. 2016-10-31 16:46:57 -04:00
localedata localedata: lt_LT: use hyphens in d_fmt [BZ #20497] 2016-08-24 16:07:02 -04:00
login 2016-06-11 Paul Pluzhnikov <ppluzhnikov@google.com> 2016-06-11 14:50:16 -07:00
mach Fix old-style function definition 2016-09-20 23:10:51 +02:00
malloc malloc: Update comments about chunk layout 2016-10-28 22:36:58 +02:00
manual Add setpayload, setpayloadf, setpayloadl. 2016-11-19 00:16:28 +00:00
math Add setpayload, setpayloadf, setpayloadl. 2016-11-19 00:16:28 +00:00
mathvec Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
misc [BZ #19239] Issue deprecation warnings on macro expansion. 2016-11-14 08:34:59 -05:00
nis Installed-header hygiene (BZ#20366): Simple self-contained fixes. 2016-09-23 08:43:55 -04:00
nptl Consolidate lseek/lseek64/llseek implementations 2016-11-08 16:04:33 -02:00
nptl_db Bug 20729: Include libc-internal.h where required. 2016-10-31 16:46:57 -04:00
nscd Fix incorrect double-checked locking related to _res_hconf.initialized. 2016-08-18 20:53:37 +02:00
nss Fix incorrect double-checked locking related to _res_hconf.initialized. 2016-08-18 20:53:37 +02:00
po Update PO files. 2016-08-04 11:41:27 -04:00
posix Fix writes past the allocated array bounds in execvpe (BZ#20847) 2016-11-22 10:23:07 -02:00
pwd Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
resolv Bug 20729: Fix build failures on ppc64 and other arches. 2016-11-02 13:01:36 -04:00
resource Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
rt Use libc_ifunc macro for clock_* symbols in librt. 2016-10-07 10:12:47 +02:00
scripts Make build-many-glibcs.py use -fno-isolate-erroneous-paths options for tilepro. 2016-11-22 01:58:26 +00:00
setjmp Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
shadow Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
signal Installed-header hygiene (BZ#20366): time.h types. 2016-09-23 08:43:56 -04:00
socket Installed-header hygiene (BZ#20366): conditionally defined structures. 2016-09-23 08:43:56 -04:00
soft-fp [soft-fp] Add support for various half-precision conversion routines. 2016-09-21 21:02:54 +00:00
stdio-common Fix crypt snprintf namespace (bug 20829). 2016-11-16 22:46:48 +00:00
stdlib Ignore -Wmaybe-uninitialized in stdlib/bug-getcontext.c. 2016-11-11 21:05:51 +00:00
streams Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
string Correct comments in string.h re strcoll_l, strxfrm_l. 2016-11-16 14:18:32 -05:00
sunrpc Fix build-and-build-again bug in sunrpc tests. 2016-11-14 14:25:11 -05:00
sysdeps Always define XSTAT_IS_XSTAT64 2016-11-21 08:23:12 -08:00
sysvipc Installed-header hygiene (BZ#20366): time.h types. 2016-09-23 08:43:56 -04:00
termios Declare tcgetsid for XPG4 (bug 20055). 2016-05-11 18:05:37 +00:00
time Fix -Wformat-length warning in time/tst-strptime2.c 2016-11-02 16:00:39 -07:00
timezone Remove mention of checktab.awk in timezone/README. 2016-03-14 14:11:51 -04:00
wcsmbs Add tst-wcstod-round 2016-08-19 11:17:07 -05:00
wctype Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
.gitattributes Assume __NR_openat is always defined 2016-03-23 23:35:08 +01:00
.gitignore Add *.pyc to .gitignore 2015-05-18 15:26:26 +05:30
abi-tags Add arm-nacl port. 2015-04-17 09:02:19 -07:00
aclocal.m4 Rename localedir to complocaledir (bug 14259). 2015-11-27 10:22:38 -05:00
BUGS
ChangeLog Fix writes past the allocated array bounds in execvpe (BZ#20847) 2016-11-22 10:23:07 -02:00
ChangeLog.1
ChangeLog.2
ChangeLog.3
ChangeLog.4
ChangeLog.5
ChangeLog.6 Revert "ChangeLogs: convert to utf-8" 2016-02-12 16:35:27 -05:00
ChangeLog.7 Revert "ChangeLogs: convert to utf-8" 2016-02-12 16:35:27 -05:00
ChangeLog.8 ChangeLog: change Winblowz to Windows 2016-08-10 00:49:28 +08:00
ChangeLog.9
ChangeLog.10 Revert "ChangeLogs: convert to utf-8" 2016-02-12 16:35:27 -05:00
ChangeLog.11 ChangeLog: change Winblowz to Windows 2016-08-10 00:49:28 +08:00
ChangeLog.12 Revert "ChangeLogs: convert to utf-8" 2016-02-12 16:35:27 -05:00
ChangeLog.13
ChangeLog.14 Revert "ChangeLogs: convert to utf-8" 2016-02-12 16:35:27 -05:00
ChangeLog.15
ChangeLog.16
ChangeLog.17
ChangeLog.old-ports Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-aarch64 Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-aix Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-alpha Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-am33 Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-arm Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-cris Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-hppa Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-ia64 Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-linux-generic Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-m68k Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-microblaze Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-mips Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-powerpc Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
ChangeLog.old-ports-tile Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory. 2014-04-30 10:40:29 -07:00
config.h.in Add configure check to test if gcc supports attribute ifunc. 2016-10-07 10:02:59 +02:00
config.make.in Avoid running $(CXX) during build to obtain header file paths 2016-09-21 10:45:32 +02:00
configure configure: accept __stack_chk_fail_local for ssp support too [BZ #20662] 2016-11-15 14:15:19 -05:00
configure.ac configure: accept __stack_chk_fail_local for ssp support too [BZ #20662] 2016-11-15 14:15:19 -05:00
CONFORMANCE
COPYING
COPYING.LIB
cppflags-iterator.mk
extra-lib.mk Remove NOT_IN_libc 2014-11-24 15:03:45 +05:30
extra-modules.mk Remove NOT_IN_libc 2014-11-24 15:03:45 +05:30
gen-locales.mk Split locale generation snippet into a separate file 2015-05-13 13:05:28 +05:30
INSTALL Add configure check to test if gcc supports attribute ifunc. 2016-10-07 10:02:59 +02:00
libc-abis
LICENSES
Makeconfig Generate .op pattern rules for profiling builds only 2016-09-21 10:45:19 +02:00
Makefile Installed header hygiene (BZ#20366): Test of installed headers. 2016-09-23 08:43:56 -04:00
Makefile.in New make target to only build benchmark binaries 2016-04-20 10:23:28 +05:30
Makerules Avoid running $(CXX) during build to obtain header file paths 2016-09-21 10:45:32 +02:00
NAMESPACE
NEWS Add setpayload, setpayloadf, setpayloadl. 2016-11-19 00:16:28 +00:00
o-iterator.mk
PROJECTS
README Require Linux 3.2 except on x86 / x86_64, 3.2 headers everywhere. 2016-02-24 17:15:12 +00:00
Rules Do not generate UNRESOLVED results for run-built-tests = no. 2016-11-04 21:29:00 +00:00
shlib-versions This is update for configure, build and install of vector math library. 2015-05-14 18:07:06 +03:00
test-skeleton.c Document do_test in test-skeleton.c 2016-11-07 08:28:52 -08:00
version.h Open development for 2.25. 2016-08-01 23:00:21 -04:00
WUR-REPORT

This directory contains the sources of the GNU C Library.
See the file "version.h" for what release version you have.

The GNU C Library is the standard system C library for all GNU systems,
and is an important part of what makes up a GNU system.  It provides the
system API for all programs written in C and C-compatible languages such
as C++ and Objective C; the runtime facilities of other programming
languages use the C library to access the underlying operating system.

In GNU/Linux systems, the C library works with the Linux kernel to
implement the operating system behavior seen by user applications.
In GNU/Hurd systems, it works with a microkernel and Hurd servers.

The GNU C Library implements much of the POSIX.1 functionality in the
GNU/Hurd system, using configurations i[4567]86-*-gnu.  The current
GNU/Hurd support requires out-of-tree patches that will eventually be
incorporated into an official GNU C Library release.

When working with Linux kernels, this version of the GNU C Library
requires Linux kernel version 3.2 or later on all architectures except
i[4567]86 and x86_64, where Linux kernel version 2.6.32 or later
suffices.

Also note that the shared version of the libgcc_s library must be
installed for the pthread library to work correctly.

The GNU C Library supports these configurations for using Linux kernels:

	aarch64*-*-linux-gnu
	alpha*-*-linux-gnu
	arm-*-linux-gnueabi
	hppa-*-linux-gnu	Not currently functional without patches.
	i[4567]86-*-linux-gnu
	x86_64-*-linux-gnu	Can build either x86_64 or x32
	ia64-*-linux-gnu
	m68k-*-linux-gnu
	microblaze*-*-linux-gnu
	mips-*-linux-gnu
	mips64-*-linux-gnu
	powerpc-*-linux-gnu	Hardware or software floating point, BE only.
	powerpc64*-*-linux-gnu	Big-endian and little-endian.
	s390-*-linux-gnu
	s390x-*-linux-gnu
	sh[34]-*-linux-gnu
	sparc*-*-linux-gnu
	sparc64*-*-linux-gnu
	tilegx-*-linux-gnu
	tilepro-*-linux-gnu

If you are interested in doing a port, please contact the glibc
maintainers; see http://www.gnu.org/software/libc/ for more
information.

See the file INSTALL to find out how to configure, build, and install
the GNU C Library.  You might also consider reading the WWW pages for
the C library at http://www.gnu.org/software/libc/.

The GNU C Library is (almost) completely documented by the Texinfo manual
found in the `manual/' subdirectory.  The manual is still being updated
and contains some known errors and omissions; we regret that we do not
have the resources to work on the manual as much as we would like.  For
corrections to the manual, please file a bug in the `manual' component,
following the bug-reporting instructions below.  Please be sure to check
the manual in the current development sources to see if your problem has
already been corrected.

Please see http://www.gnu.org/software/libc/bugs.html for bug reporting
information.  We are now using the Bugzilla system to track all bug reports.
This web page gives detailed information on how to report bugs properly.

The GNU C Library is free software.  See the file COPYING.LIB for copying
conditions, and LICENSES for notices about a few contributions that require
these additional notices to be distributed.  License copyright years may be
listed using range notation, e.g., 1996-2015, indicating that every year in
the range, inclusive, is a copyrightable year that would otherwise be listed
individually.