Patch #1599 has been updated. 

Project: 
Category: libstore
Status: Open
Summary: store_typed_open border conditions

Follow-Ups:

Date: Thu 07/31/2003 at 23:17
By: marcus

Comment:
This patch is definitely wrong.  The code should do the following:

FOO:BAR - Open the class FOO with parameter BAR
FOO: - Open the class FOO with no parameter
:BAR - Open the file BAR (with store_open)
BAZ - Try to find a class BAZ, and open that with no parameter, but if class is not 
found, open file BAZ with store_open.

Look at the code:

  const char *clname_end = strchrnul (name, ':');
                                                                                
  if (clname_end == name)
    /* Open NAME with store_open.  */
    return store_open (name + 1, flags, classes, store);

This covers the ":BAR" case.  You make the code look in that case for a class "".  
Then come all the other cases, which (potentially) start with a class name.  So we 
search for classes, either in the statically linked list, or by dynamically loading a 
library with that class.

Only if that fails, and there is no ':', then we know we have a BAZ case where BAZ is 
not a class, but a file.  Then open the file.

I think the only bug here is that the dynamic loading mechanism segfaults, which you 
probably have fixed with your linker change.  So I am closing this.  If I overlooked 
something, we can reopen it.

-------------------------------------------------------

Date: Fri 08/01/2003 at 10:29
By: ogi

Comment:
OK, next time I'll read the comment right before the function ;-)

I've found two new possible problems with the function.  A new patch is uploaded that 
addresses them.  Unfortunately, to completely test the patch, a patched libc is required.

When NAME is the empty string, clname_end is equal to name.  The first "if" thinks that 
the string begins with ':' and it will call store_open with name+1, which can possibly 
lead to SEGV and other undesirable behavior.

store_module_open exits immediately with EINVAL if it doesn't find ':'.  This means 
that if you pass a file name without ':' and the weak symbol store_module_open points to 
something, then the function will return with EINVAL instead of calling store_open.


-------------------------------------------------------

Date: Fri 08/01/2003 at 12:47
By: marcus

Comment:
It doesn't make sense to do anything if NAME is empty, so just
fail with EINVAL right at the beginning if *NAME is 
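
Added example, not part of the thread and not libstore code: a standalone C model of the name dispatch discussed above (FOO:BAR, FOO:, :BAR, BAZ), with the empty-NAME check done before the ':' test. The names classify_typed_name, struct typed_name and the ROUTE_* values are hypothetical, and strchr plus strlen stands in for strchrnul so the block builds without GNU extensions.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of the dispatch discussed in this thread; not libstore code. */
enum open_route { ROUTE_FILE, ROUTE_CLASS, ROUTE_CLASS_OR_FILE };

struct typed_name {
  enum open_route route;
  size_t clname_len;   /* length of the class-name prefix of NAME */
  const char *param;   /* file name or class parameter; NULL if none */
};

/* Returns 0 and fills OUT, or EINVAL when NAME is NULL or empty.  */
int classify_typed_name (const char *name, struct typed_name *out)
{
  const char *clname_end;

  /* Guard first: for "" the test clname_end == name below is also true,
     and name + 1 would then point past the terminating NUL.  */
  if (name == NULL || *name == '\0')
    return EINVAL;

  clname_end = strchr (name, ':');
  if (clname_end == NULL)              /* portable stand-in for strchrnul */
    clname_end = name + strlen (name);

  out->clname_len = (size_t) (clname_end - name);
  out->param = NULL;
  if (clname_end == name) {            /* ":BAR": open file BAR */
    out->route = ROUTE_FILE;
    out->param = name + 1;
  } else if (*clname_end == ':') {     /* "FOO:BAR" or "FOO:" */
    out->route = ROUTE_CLASS;
    if (clname_end[1] != '\0')
      out->param = clname_end + 1;
  } else                               /* "BAZ": class first, then file */
    out->route = ROUTE_CLASS_OR_FILE;
  return 0;
}

int main (void)
{
  const char *samples[] = { "FOO:BAR", "FOO:", ":BAR", "BAZ", "" };  /* constructed */
  for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
    struct typed_name t;
    int err = classify_typed_name (samples[i], &t);
    printf ("\"%s\" -> err=%d route=%d\n", samples[i], err, err ? -1 : (int) t.route);
  }
  return 0;
}
```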


_______________________________________________
Bug-hurd mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/bug-hurd
