resolv: use proper bound in __gai_freemem

Message ID: 20230905152702.619804-1-peadar@arista.com
State: Changes Requested
Series: resolv: use proper bound in __gai_freemem

Checks

Context                                           Check    Description
redhat-pt-bot/TryBot-apply_patch                  success  Patch applied to master at the time it was sent
redhat-pt-bot/TryBot-32bit                        success  Build for i686
linaro-tcwg-bot/tcwg_glibc_build--master-arm      success  Testing passed
linaro-tcwg-bot/tcwg_glibc_build--master-aarch64  success  Testing passed
linaro-tcwg-bot/tcwg_glibc_check--master-arm      success  Testing passed
linaro-tcwg-bot/tcwg_glibc_check--master-aarch64  success  Testing passed

Commit Message

Peter Edwards Sept. 5, 2023, 3:27 p.m. UTC
__gai_freemem participates in the __libc_freeres mechanism to clean up
things at exit when requested by debugging/heap-checking tools such as
valgrind.

The "pool" in gai_misc.c has valid data over the range [0, pool_size),
but the allocation stretches as far as pool_max_size. The elements
between pool_size and pool_max_size are uninitialized - so, use
pool_size as the iteration limit when free'ing data from pool, not
pool_max_size.
---
 resolv/gai_misc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
  

Comments

Florian Weimer Sept. 7, 2023, 8:46 a.m. UTC | #1
* Peter Edwards via Libc-alpha:

> __gai_freemem participates in the __libc_freeres mechanism to clean up
> things at exit when requested by debugging/heap-checking tools such as
> valgrind.
>
> The "pool" in gai_misc.c has valid data over the range [0, pool_size),
> but the allocation stretches as far as pool_max_size. The elements
> between pool_size and pool_max_size are uninitialized - so, use
> pool_size as the iteration limit when free'ing data from pool, not
> pool_max_size.
> ---
>  resolv/gai_misc.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/resolv/gai_misc.c b/resolv/gai_misc.c
> index 9e3b1d29b7..0c0ae741f9 100644
> --- a/resolv/gai_misc.c
> +++ b/resolv/gai_misc.c
> @@ -442,7 +442,7 @@ __gai_freemem (void)
>  {
>    size_t row;
>  
> -  for (row = 0; row < pool_max_size; ++row)
> +  for (row = 0; row < pool_size; ++row)
>      free (pool[row]);
>  
>    free (pool);
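
Review bot: the new bound on the "for (row = 0; row < pool_size; ++row)" line is only correct while every slot in [0, pool_size) holds either NULL or a pointer that is safe to pass to free, and nothing in the visible code states that invariant. A short comment above the loop saying that the rows from pool_size up to pool_max_size are allocated but never initialized would keep a later cleanup from restoring pool_max_size as the limit.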

Would you please re-post this with Signed-off-by:?  Patch itself looks
good.

Thanks,
Florian
  

Patch

diff --git a/resolv/gai_misc.c b/resolv/gai_misc.c
index 9e3b1d29b7..0c0ae741f9 100644
--- a/resolv/gai_misc.c
+++ b/resolv/gai_misc.c
@@ -442,7 +442,7 @@  __gai_freemem (void)
 {
   size_t row;
 
-  for (row = 0; row < pool_max_size; ++row)
+  for (row = 0; row < pool_size; ++row)
     free (pool[row]);
 
   free (pool);
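
Review bot: no test accompanies the changed loop bound in __gai_freemem; the diffstat lists resolv/gai_misc.c as the only file touched. Because the old bound handed uninitialized pool[row] values to free only on the __libc_freeres path, a regression test that populates the pool with fewer rows than pool_max_size and then runs that path under a heap checker would show the fix and guard against the limit being changed back.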