tinycc-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Tinycc-devel] NULL pointer dereference due to unchecked return from

From: Steffen Nurpmeso
Subject: Re: [Tinycc-devel] NULL pointer dereference due to unchecked return from fdopen()
Date: Mon, 28 Feb 2022 13:46:08 +0100
User-agent: s-nail v14.9.23-243-g00c89d995b 
Vincent Lefevre wrote in
 <20220228103710.GA33433@zira.vinc17.org>:
 |On 2022-02-28 10:50:29 +0100, grischka wrote:
 |> Christian Jullien wrote:
 |>> Thanks,
 |>> This is unfortunately not the only case where returned value is \
 |>> not tested, just for fdopen, if maintainers agree, we can probably \
 |>> apply:
 |>> Wdyt?
 |> 
 |> The rule is, as always:  don't write code that you cannot test.
 |
 |Various other error cases are probably not tested.
 |Has anyone checked code coverage?
 |
 |Testing the code can be done once by adding "fp = NULL;" and checking
 |that the error is correctly handled. Otherwise, perhaps with LD_PRELOAD
 |to define a fdopen wrapper that will simulate an error for some calls.
 |
 |> Can you?
 |> 
 |> Otherwise, can we stop suggesting sloppily crafted quick patches
 |> addressing non-existent problems?
 |
 |fdopen() may fail. So this is a real problem. However, the check for
 |errors should be done on the other related function calls too.
 |
 |Not checking errors may yield obscure errors in user code and/or
 |data loss/corruption (this happened to me with GCC, which did not
 |check some write errors, so that data were randomly silently missing
 |on NFS and my scripts were failing with errors difficult to debug).

Let's just write a tcc_fdopen() the same way myriads of projects
create their local xmalloc()?

  #?0|kent:tcc.git$ git grep fdopen mob
  mob:lib/tcov.c:    return fdopen (fd, "r+");
  mob:tcccoff.c:    f = fdopen(fd, "rb");
  mob:tccelf.c:    f = fdopen(fd, "wb");
  mob:tcclib.h:FILE *fdopen(int fildes, const char *mode);
  mob:tccmacho.c:    fp = fdopen(fd, "wb");
  mob:tcctools.c:        depout = fdopen(1, "w");
  mob:win32/include/stdio.h:  FILE *__cdecl fdopen(int _FileHandle,const char 
*_Mode);
  mob:win32/include/stdio.h:  _CRTIMP FILE *__cdecl _fdopen(int 
_FileHandle,const char *_Mode);
  mob:win32/include/stdio.h:  _CRTIMP FILE *__cdecl _wfdopen(int _FileHandle 
,const wchar_t *_Mode);
  mob:win32/include/stdio.h:  FILE *__cdecl fdopen(int _FileHandle,const char 
*_Format);
  mob:win32/include/tchar.h:#define _tfdopen _wfdopen
  mob:win32/include/tchar.h:#define _tfdopen fdopen
  mob:win32/include/tchar.h:#define _tfdopen _fdopen
  mob:win32/include/wchar.h:  _CRTIMP FILE *__cdecl _wfdopen(int _FileHandle 
,const wchar_t *_Mode);
  mob:win32/lib/msvcrt.def:_fdopen
  mob:win32/lib/msvcrt.def:_wfdopen

Shouldn't take longer than the quarter of an hour.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
reply via email to
[Prev in Thread] Current Thread [Next in Thread]