From patchwork Mon Oct 2 14:16:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Szabolcs Nagy X-Patchwork-Id: 76974 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 2933C385CCAF for ; Mon, 2 Oct 2023 14:17:06 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2054.outbound.protection.outlook.com [40.107.22.54]) by sourceware.org (Postfix) with ESMTPS id E67C43858D33 for ; Mon, 2 Oct 2023 14:16:51 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org E67C43858D33 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=arm.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=arm.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CWy1TFj1+lCCOo+g8DcAJwohuxSLWwzsGtRZzojd6Rw=; b=8CVtiYbyFHpUZdA+6Zms+wzLwwAuHknWZlXr/vuUit17PpMWBQVmBUB9IFTo2ScQvfuAPQRAccq3xM3Z/mV3Wq8QMt7eD13Opi71pVQ6DMeHZ0d5FzNbAO1TApV7nafIRnrWe/tLjFzcHLAfazXVGAUXwjgAsW82nOaU8HiyqAI= Received: from AS8P251CA0020.EURP251.PROD.OUTLOOK.COM (2603:10a6:20b:2f2::16) by GV2PR08MB8390.eurprd08.prod.outlook.com (2603:10a6:150:bc::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.22; Mon, 2 Oct 2023 14:16:44 +0000 Received: from AM7EUR03FT026.eop-EUR03.prod.protection.outlook.com (2603:10a6:20b:2f2:cafe::31) by AS8P251CA0020.outlook.office365.com (2603:10a6:20b:2f2::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.30 via Frontend Transport; Mon, 2 Oct 2023 14:16:43 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; pr=C Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM7EUR03FT026.mail.protection.outlook.com (100.127.140.154) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.20 via Frontend Transport; Mon, 2 Oct 2023 14:16:41 +0000 Received: ("Tessian outbound ee9c7f88acf7:v211"); Mon, 02 Oct 2023 14:16:41 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 0efe29a28987a41d X-CR-MTA-TID: 64aa7808 Received: from 5c370e7ea184.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 2B12046E-D7D3-45C5-8FB1-B9BA3D2C1006.1; Mon, 02 Oct 2023 14:16:35 +0000 Received: from EUR04-HE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 5c370e7ea184.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Mon, 02 Oct 2023 14:16:35 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jhhghDpibQHBT9IyzGqmHG42npb48mtaShJ+9BuSC7FjFQ2RreTUryRHCcCqvwFIBlWel3wdWUHZ+NPy+068I/g9ZMyKReOV64QO6BUcmR/0gYWy/XX+k9MZoQ8evxG42md3BC/PQEzWxe7NZJYwwFY6IKjPQ+QQNwnMbCaoXh8sstQd17fYB0LXkyUTlKd2P0CsPRnAqx/CpIOoEnTp2LTvl08YCSH2gkDju8hAvkbAx1hXxF7jD6gcATaOgXsROlFc1D6mfwHMrAasQiGX/IwpZAxTnFa+eAK/ruyBt7ZWctEbI2oh+yXbVwUWZitqCVSmd+lmuyhVHqK2Sk/C0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=CWy1TFj1+lCCOo+g8DcAJwohuxSLWwzsGtRZzojd6Rw=; b=KwDGbrsF6vNcYVmFwobrRi1ETtgeAH+hEC66EfswfosA48g3OwBlYxvGLSgX6fW2VrGvSpeWWr8K1OWSpzNFmSHrjM9lWPjDyPS0G+D8lI+wHblrjKavERPTAOWyadmWsEImKPfUojbFtPpqNReRlTckcvbYurNwjzQ08uky76pntC73Efz/xbZC4rgEGtA9x64EVPuQuoZL/0BWTNV/9FsTI+gBeRzaGoUIp5aR1b3MjmLh1xkdB8IiN4WdZiYT1lzn0QAwXM8+R3WPoaGSomYER4JcEkLowwkT7HURC8tpSWU4wSgOWbF3UzcYLWNgKpSoBF4DNAdZ0n7en7c+bA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 40.67.248.234) smtp.rcpttodomain=sourceware.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CWy1TFj1+lCCOo+g8DcAJwohuxSLWwzsGtRZzojd6Rw=; b=8CVtiYbyFHpUZdA+6Zms+wzLwwAuHknWZlXr/vuUit17PpMWBQVmBUB9IFTo2ScQvfuAPQRAccq3xM3Z/mV3Wq8QMt7eD13Opi71pVQ6DMeHZ0d5FzNbAO1TApV7nafIRnrWe/tLjFzcHLAfazXVGAUXwjgAsW82nOaU8HiyqAI= Received: from DU2PR04CA0056.eurprd04.prod.outlook.com (2603:10a6:10:234::31) by PAVPR08MB9628.eurprd08.prod.outlook.com (2603:10a6:102:31c::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.29; Mon, 2 Oct 2023 14:16:33 +0000 Received: from DBAEUR03FT048.eop-EUR03.prod.protection.outlook.com (2603:10a6:10:234:cafe::fd) by DU2PR04CA0056.outlook.office365.com (2603:10a6:10:234::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.30 via Frontend Transport; Mon, 2 Oct 2023 14:16:33 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 40.67.248.234 as permitted sender) receiver=protection.outlook.com; client-ip=40.67.248.234; helo=nebula.arm.com; pr=C Received: from nebula.arm.com (40.67.248.234) by DBAEUR03FT048.mail.protection.outlook.com (100.127.142.200) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6863.23 via Frontend Transport; Mon, 2 Oct 2023 14:16:33 +0000 Received: from AZ-NEU-EX02.Emea.Arm.com (10.251.26.5) by AZ-NEU-EX03.Arm.com (10.251.24.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 2 Oct 2023 14:16:32 +0000 Received: from AZ-NEU-EX03.Arm.com (10.251.24.31) by AZ-NEU-EX02.Emea.Arm.com (10.251.26.5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 2 Oct 2023 14:16:32 +0000 Received: from armchair.cambridge.arm.com (10.2.80.71) by mail.arm.com (10.251.24.31) with Microsoft SMTP Server id 15.1.2507.27 via Frontend Transport; Mon, 2 Oct 2023 14:16:32 +0000 From: Szabolcs Nagy To: Subject: [PATCH v3] Fix off-by-one OOB write in iconv/tst-iconv-mt Date: Mon, 2 Oct 2023 15:16:31 +0100 Message-ID: <20231002141631.1882760-1-szabolcs.nagy@arm.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-EOPAttributedMessage: 1 X-MS-TrafficTypeDiagnostic: DBAEUR03FT048:EE_|PAVPR08MB9628:EE_|AM7EUR03FT026:EE_|GV2PR08MB8390:EE_ X-MS-Office365-Filtering-Correlation-Id: 61f1a878-72f0-4497-5926-08dbc352335b x-checkrecipientrouted: true NoDisclaimer: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: n+C2oSh81dye8aeppJFGSppqDRS+CmcmBMAZmRvNwn8y5ZCwx3z/gJLYwX9X4PuIsW7NHqIEMqXUYEJcgjL09Mx9dB/R+8YuhBI4DDiJZk89salEXeOoBrRt1VJmbSWRhItzOKA1KSt+1J4Mxo07ff7EHQWX4YyGp9DbTjUeCSL3PHw9nIVPIYA9m9VHJwd0sCKOSy/XSogOevixzX1Wx9sq9L5TnpmuyH8sSwk+sr3inHFAwmy5xpTlmnVQ9gnvUI2WNBzKQO2yU/HCzKFXEHub2cCPoRsMas8x+DCdGzawNHswr3+DMS05UammdSHanrZH1xP72GPkB21CloRfox+jT0cmoXJRn0E9PL4oIMeu1oRoR62CVIVCLVpLwwxhSyamF9+pOmPS+cMoK0OLbZvPWFzsWp5SDelRvVxC6nuhn5iwEnn41RYkPzOKrZPKqzL9A/RSgUJl96HXL1RYLtV+DUUa+GJBib20w8QFUFutyeU3gJfqLTkIpTTt8UxL08WW5HPCdoQovl0t78jZ4/oo2sfyDM144p8fH6U7IC9VNoV0bHK7NHyaQYk1iCy6TMimPw4MCXdSMljiChpuZrFjqBBQo6fxULBbAuH9TguLMm+/1B4+eiqenk0YsP185Pu6Rt+yxRHsD1Ki7f+rrGUWH9RS93iZD8kGRPP0JyMedtwgkhNgzZZqwPQ/vobURMsXeKE7uHFunP6kKPJbj/beDJ4ladBTPZyiKHW5EJaZcN7fDO+WqKsPjZl7oDJH7gLdNOrNJXYj5k3fl2K2Ng== X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:nebula.arm.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230031)(4636009)(396003)(376002)(136003)(346002)(39860400002)(230922051799003)(82310400011)(186009)(451199024)(1800799009)(64100799003)(46966006)(36840700001)(40470700004)(70586007)(70206006)(2906002)(44832011)(8676002)(5660300002)(316002)(6916009)(41300700001)(8936002)(478600001)(7696005)(26005)(36860700001)(336012)(426003)(1076003)(2616005)(40460700003)(83380400001)(47076005)(81166007)(356005)(82740400003)(40480700001)(86362001)(36756003)(36900700001); DIR:OUT; SFP:1101; X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAVPR08MB9628 X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM7EUR03FT026.eop-EUR03.prod.protection.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: b83472a8-4d95-4c73-fa30-08dbc3522e3d X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: a8yv2yCHwdjZuP2m2kVxhFkq78elkswr872kgd+mVnXxqQHDGRC0j6Vcsn2aeVpNKSGAa0Nk+usxtXDmLIo6v5jmWElgyqoV3pyfiKk0FKSZaeA3Y8EN8CiNkB5HiDS6TryqS6DFtXcO7x4zlYT6//xaF0kvSM2p7LSh27nL5R4wGV1sSt9t2j46I92kpL0u9LZLscN7ji4JetQb4kwEiNihE2X+117BWRXDZ878Us6H4qyhCBQhyYP9zGUH2czrCMYcOpHTVhzqUtla3IG3zxhLwu0rYqKmO5ZJiynVXUcSll0TjAVS7TlZ35JnxciGBHTErA+qvvRJGcZrkslOirb2AdDc9WTywN2SoU2iP4iipFD/SIKUhkA/tYSwTCIVS6QbRnEyk5ii91WxYG78BlNHSuxDgZxy9BOwGQNo1L//8cdYgNUaoPj7n0BgQiUXMmJffDGjOV4wSo1tehfEMzHmzCZHhSePYTxmh6WpYikNDHmiJs82oeLIKT/bY0Zlu+VOWCp1rYc96pqsSWWD61VKRBJgvpDxcYLtok1fx/RO3+AvSVeF/tZ6qfqyQdzdrUK27kaPP4VYNVAJQRR+/2uSN/50u5Iifiji1dpzEjoT550+B+mfmPYbvKkPZsUXv/9I5jSvAmPWM7KcgGBcX3SOrKkc/p6vsazs9vcwOJ/WFLoq4MTBzlEt1dvaVXBcGAwVG401Sla1eIDzaCQy6nJBSNOCTdDpkAsrFvfHiYkaHJw+zS8ceF6CruBWW/CG X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFS:(13230031)(4636009)(376002)(136003)(39860400002)(346002)(396003)(230922051799003)(186009)(1800799009)(82310400011)(64100799003)(451199024)(36840700001)(40470700004)(46966006)(40460700003)(36860700001)(82740400003)(41300700001)(70586007)(70206006)(26005)(316002)(81166007)(2616005)(478600001)(1076003)(6916009)(7696005)(426003)(47076005)(83380400001)(336012)(8676002)(2906002)(40480700001)(86362001)(8936002)(44832011)(5660300002)(36756003); DIR:OUT; SFP:1101; X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Oct 2023 14:16:41.8791 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 61f1a878-72f0-4497-5926-08dbc352335b X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: AM7EUR03FT026.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV2PR08MB8390 X-Spam-Status: No, score=-11.8 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, FORGED_SPF_HELO, GIT_PATCH_0, KAM_DMARC_NONE, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_PASS, SPF_NONE, TXREP, UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org The iconv buffer sizes must not include the \0 string terminator. And the output termination with *outbufpos = '\0' was OOB. Consistently use non-null-terminated buffer sizes. Reviewed-by: Adhemerval Zanella --- v2: dropped \0 and replaced strncmp with TEST_COMPARE_BLOB. v3: unchanged. (rebase) --- iconv/tst-iconv-mt.c | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/iconv/tst-iconv-mt.c b/iconv/tst-iconv-mt.c index e634eec1b7..8d7867b323 100644 --- a/iconv/tst-iconv-mt.c +++ b/iconv/tst-iconv-mt.c @@ -57,12 +57,13 @@ worker (void * arg) iconv_t cd; char ascii[] = CONV_INPUT; + size_t bytes = sizeof (CONV_INPUT) - 1; char *inbufpos = ascii; - size_t inbytesleft = sizeof (CONV_INPUT); + size_t inbytesleft = bytes; - char *utf8 = xcalloc (sizeof (CONV_INPUT), 1); + char *utf8 = xcalloc (bytes, 1); char *outbufpos = utf8; - size_t outbytesleft = sizeof (CONV_INPUT); + size_t outbytesleft = bytes; if (tidx < TCOUNT/2) /* The first half of the worker thread pool synchronize together here, @@ -91,8 +92,6 @@ worker (void * arg) &outbytesleft) != (size_t) -1); - *outbufpos = '\0'; - xpthread_barrier_wait (&sync); TEST_VERIFY_EXIT (iconv_close (cd) == 0); @@ -104,11 +103,7 @@ worker (void * arg) if (tidx < TCOUNT/2) xpthread_barrier_wait (&sync); - if (strncmp (utf8, CONV_INPUT, sizeof CONV_INPUT)) - { - printf ("FAIL: thread %lx: invalid conversion output from iconv\n", tidx); - pthread_exit ((void *) (long int) 1); - } + TEST_COMPARE_BLOB (utf8, bytes, CONV_INPUT, bytes); pthread_exit (NULL); }