mirror of
https://sourceware.org/git/glibc.git
synced 2025-11-02 09:33:31 +03:00
4ae9b66048
The struct shmdir_name in include/shm-directory.h has name field to contains the full path of the POSIX IPC object (shm and sem). The size was previously set to sizeof (SHMDIR) + 4 + NAME_MAX, where 4 bytes were reserved for the optional "sem." prefix. This led to incorrect execution of the __shm_get_name function in posix/shm-directory.c which is used accross in shm_[open/unlink] and sem_[open/unlink] functions. For shm_[open/unlink]: This is because the name field was large enough to hold 268 characters (255 + 4 + 9) instead of the maximum allowed 263 characters (255 + 9). This caused the __shm_get_name to not throw ENAMETOOLONG error when the name length exceeded NAME_MAX (255) upto 259 characters. For sem_[open/unlink]: Similarly, the __shm_get_name incorrectly returned success for names of length 255 instead of 251 (255 - 4). This was overlooked as finally these functions throw the correct ENAMETOOLONG error; which was thrown by the openat syscall, which is called later in the shm_* and sem_* functions. This patch corrects the size of name field in struct shmdir_name to sizeof (SHMDIR) + NAME_MAX. The __shm_get_name function return ENAMETOOLONG if alloc_buffer_has_failed returns true (which only happens when copy length > alloc_buffer_size (buffer)). Relevant runtime monitoring were done in gdb to confirm the same. Signed-off-by: Prasanna Paithankar <paithankarprasanna@gmail.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
43 lines
1.4 KiB
C
43 lines
1.4 KiB
C
/* Header for directory for shm/sem files.
|
|
Copyright (C) 2014-2025 Free Software Foundation, Inc.
|
|
This file is part of the GNU C Library.
|
|
|
|
The GNU C Library is free software; you can redistribute it and/or
|
|
modify it under the terms of the GNU Lesser General Public
|
|
License as published by the Free Software Foundation; either
|
|
version 2.1 of the License, or (at your option) any later version.
|
|
|
|
The GNU C Library is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Lesser General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Lesser General Public
|
|
License along with the GNU C Library; if not, see
|
|
<https://www.gnu.org/licenses/>. */
|
|
|
|
#ifndef _SHM_DIRECTORY_H
|
|
|
|
#include <limits.h>
|
|
#include <paths.h>
|
|
#include <stdbool.h>
|
|
|
|
/* The directory that contains shared POSIX objects. */
|
|
#define SHMDIR _PATH_DEV "shm/"
|
|
|
|
struct shmdir_name
|
|
{
|
|
/* The combined prefix/name. The sizeof includes the terminating
|
|
NUL byte. */
|
|
char name[sizeof (SHMDIR) + NAME_MAX];
|
|
};
|
|
|
|
/* Sets RESULT->name to the constructed name and returns 0 on success,
|
|
or -1 on failure. Includes the "sem." prefix in the name if
|
|
SEM_PREFIX is true. */
|
|
int __shm_get_name (struct shmdir_name *result, const char *name,
|
|
bool sem_prefix);
|
|
libc_hidden_proto (__shm_get_name)
|
|
|
|
#endif /* shm-directory.h */
|