bug-glibc
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

segfault in stat


From: Nathan Straz
Subject: segfault in stat
Date: Fri, 29 Sep 2000 09:21:00 -0500
User-agent: Mutt/1.2.5i

I was doing some negative testing of stat(2) on Linux with glibc 2.1.3
and I was able to provoke a segfault.  Here is the code:

$ cat stat.c 
#include <sys/stat.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>

int main()
{
  int ret;
  void *ptr = (void*) -1L;

  ret = stat(".",(struct stat *)ptr);
  if (ret==-1)
    perror("stat()");
}

$ ./stat
Segmentation fault (core dumped)
$ gdb stat core
GNU gdb 19991004
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for
details.
This GDB was configured as "i386-redhat-linux"...
Core was generated by `./stat'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libc.so.6...done.
Reading symbols from /lib/ld-linux.so.2...done.
#0  0x400c0714 in __xstat (vers=3, name=0x80484b0 ".", buf=0xffffffff)
    at ../sysdeps/unix/sysv/linux/xstatconv.c:40
40      ../sysdeps/unix/sysv/linux/xstatconv.c: No such file or directory.
(gdb) where
#0  0x400c0714 in __xstat (vers=3, name=0x80484b0 ".", buf=0xffffffff)
    at ../sysdeps/unix/sysv/linux/xstatconv.c:40
#1  0x804844d in __stat (file=0x80484b0 ".", buf=0xffffffff) at
stat.c:43
#2  0x8048413 in main () at stat.c:11

It appears to me that when vers != _STAT_VER_KERNEL in __xstat() that
buf is not checked to be valid before xstat_conv uses it.  I realize
this is probably nit-picky, but I thought I would bring it up anyway.  I
would expect a -1 return with errno set to EFAULT as the man page
states, but the info file definately says otherwise.  

Please let me know what the proper behaviour is so I can adjust the test
case accordingly.

Thanks,
-- 
Nate Straz                                              address@hidden
sgi, inc                                           http://www.sgi.com/
Linux Test Project                    http://oss.sgi.com/projects/ltp/



reply via email to

[Prev in Thread] Current Thread [Next in Thread]