From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.0 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=ham autolearn_force=no version=3.4.2 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by inbox.vuxu.org (OpenSMTPD) with SMTP id 3265e6ff for ; Tue, 28 Jan 2020 21:44:10 +0000 (UTC) Received: (qmail 1492 invoked by uid 550); 28 Jan 2020 21:44:08 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 1474 invoked from network); 28 Jan 2020 21:44:08 -0000 Date: Tue, 28 Jan 2020 16:43:56 -0500 From: Rich Felker To: musl@lists.openwall.com Message-ID: <20200128214356.GH30412@brightrain.aerifal.cx> References: <20200128194032.4370-1-soeren+git@soeren-tempel.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20200128194032.4370-1-soeren+git@soeren-tempel.net> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: Rich Felker Subject: Re: [musl] [PATCH] cuserid: support invocation with a NULL pointer argument On Tue, Jan 28, 2020 at 08:40:32PM +0100, Sören Tempel wrote: > I did not manage to find a copy of IEEE 1003.1-1988 (the last POSIX > version where cuserid was last standardized) the Single UNIX > specification version 2 does state the following though [1]: > > If s is a null pointer, this representation is generated in an > area that may be static (and thus overwritten by subsequent > calls to cuserid()), the address of which is returned. > > Even though this a legacy function it would therefore be nice for musl > to support usage with a NULL pointer. I ran into this on Alpine Linux > when using cdparanoia [2] which uses cuserid like this and therefore > caused a crash on my system. > > [1]: https://pubs.opengroup.org/onlinepubs/7908799/xsh/cuserid.html > [2]: https://xiph.org/paranoia/index.html I'm not sure whether to adopt this or not, but thanks for posting on the list for discussion. In any case it's something we should try to get fixed in apps that are using it, since this is no longer portable usage and is gratuitously thread-unsafe. > --- > src/legacy/cuserid.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/src/legacy/cuserid.c b/src/legacy/cuserid.c > index 4e78798d..19206ba4 100644 > --- a/src/legacy/cuserid.c > +++ b/src/legacy/cuserid.c > @@ -5,10 +5,12 @@ > > char *cuserid(char *buf) > { > + static char *usridbuf[L_cuserid]; Surely the * there is misplaced; the following should not compile with it there: > struct passwd pw, *ppw; > long pwb[256]; > if (getpwuid_r(geteuid(), &pw, (void *)pwb, sizeof pwb, &ppw)) > return 0; > + buf = (buf) ? buf : usridbuf; > snprintf(buf, L_cuserid, "%s", pw.pw_name); > return buf; > } Also no need for parens around (buf); the more idiomatic way to write this would be: if (!buf) buf = usridbuf; Rich