Date: Sun, 23 Oct 2022 01:46:22 -0400
From: Rich Felker
To: Ismael Luceno
Cc: musl@lists.openwall.com
Message-ID: <20221023054622.GP29905@brightrain.aerifal.cx>
References: <20221022135723.31813-1-ismael@iodev.co.uk>
In-Reply-To: <20221022135723.31813-1-ismael@iodev.co.uk>
Subject: Re: [musl] [PATCH] remove strdupa

On Sat, Oct 22, 2022 at 03:57:23PM +0200, Ismael Luceno wrote:
> There's no portable way to implement strdupa without double evaluation
> of its parameter, and its use leads to vulnerabilities, since there's
> no chance to check for stack overruns.
>
> Signed-off-by: Ismael Luceno
> ---
>  include/string.h | 1 -
>  1 file changed, 1 deletion(-)
>
> diff --git a/include/string.h b/include/string.h
> index 43ad0942edd5..65fe0d503004 100644
> --- a/include/string.h
> +++ b/include/string.h
> @@ -88,7 +88,6 @@ void explicit_bzero (void *, size_t);
>  #endif
>  
>  #ifdef _GNU_SOURCE
> -#define strdupa(x) strcpy(alloca(strlen(x)+1),x)
>  int strverscmp (const char *, const char *);
>  char *strchrnul(const char *, int);
>  char *strcasestr(const char *, const char *);
> -- 
> 2.38.1

Does anyone have strong opinions one way or the other on this --
especially distro folks who'd need to deal with the fallout?

Rich
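Review bot: the removed line `#define strdupa(x) strcpy(alloca(strlen(x)+1),x)` sits under `#ifdef _GNU_SOURCE` and is a preprocessor definition only, so the hunk changes no exported symbol, but every program that compiled against strdupa with _GNU_SOURCE defined stops building; the commit message should state that source-compatibility break and the replacement callers are expected to use (strdup plus free, or a caller-owned bounded buffer), since the hunk offers no deprecation path or fallback. The two evaluations of x the message refers to are both visible in the removed line (inside strlen() and as the second argument of strcpy()), and because the alloca size comes from the first evaluation while the bytes copied come from the second, the unbounded-stack argument in the message applies exactly as stated.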
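The two problems the commit message names, double evaluation of the macro argument and stack use sized from untrusted input with no bound, can be shown directly. The following is an added example written for this page, not code from the thread or from musl: `strdupa_musl` reproduces the one-line macro quoted in the hunk under a different name, while `next_word`, `scoped_dup`, `scoped_dup_free` and `scoped_dup_location` are hypothetical helpers and the input strings are constructed here. The second half shows one portable replacement pattern (a function parameter, evaluated once, with a fixed stack buffer and heap fallback), which is an assumption of this example and not what the patch proposes.

```c
#include <alloca.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The one-line macro quoted in the hunk above (musl's former definition),
 * renamed so it does not collide with a system-provided strdupa. */
#define strdupa_musl(x) strcpy(alloca(strlen(x)+1),x)

/* Hypothetical argument with a side effect: each call yields the next word
 * and bumps a counter, so the number of evaluations becomes observable.
 * All words have the same length so the demonstration stays well defined
 * whichever evaluation order the compiler picks (see below). */
static const char *const words[] = { "alpha", "gamma", "delta" };
static int next_word_calls;

static const char *next_word(void)
{
    return words[next_word_calls++ % 3];
}

/* Returns how many times the macro evaluated its argument. A function
 * would evaluate it once; the macro expands it twice, once inside strlen()
 * to size the alloca and once as the source for strcpy(). C leaves the
 * order of those two evaluations unspecified, so in general the buffer is
 * sized from one string and filled from another; if the second is longer,
 * strcpy() writes past the alloca'd block. */
int strdupa_eval_count(void)
{
    next_word_calls = 0;
    char *copy = strdupa_musl(next_word());
    (void)copy;
    return next_word_calls;   /* 2 */
}

/* One portable replacement pattern (assumed for this example, not musl's
 * code): the source is a function parameter, so it is evaluated exactly
 * once; short strings land in a fixed stack buffer owned by the caller,
 * longer ones fall back to the heap, so stack use is bounded whatever the
 * input length. */
struct scoped_dup {
    char *p;          /* the copy, or NULL if malloc() failed */
    int on_heap;      /* nonzero when p must be free()d */
    char buf[64];     /* bounded stack storage for short strings */
};

static char *scoped_dup(struct scoped_dup *d, const char *s)
{
    size_t n = strlen(s) + 1;
    if (n <= sizeof d->buf) {
        d->on_heap = 0;
        d->p = d->buf;
    } else {
        d->on_heap = 1;
        d->p = malloc(n);
        if (!d->p)
            return NULL;
    }
    return memcpy(d->p, s, n);
}

static void scoped_dup_free(struct scoped_dup *d)
{
    if (d->on_heap)
        free(d->p);   /* free(NULL) is a no-op if malloc() failed */
    d->p = NULL;
}

/* Duplicates a constructed string of `len` 'a' characters and reports where
 * the copy landed: 0 = stack buffer, 1 = heap, -1 = failure or mismatch. */
int scoped_dup_location(size_t len)
{
    char *src = malloc(len + 1);
    if (!src)
        return -1;
    memset(src, 'a', len);
    src[len] = '\0';

    struct scoped_dup d;
    int where = -1;
    if (scoped_dup(&d, src) && strcmp(d.p, src) == 0)
        where = d.on_heap;
    scoped_dup_free(&d);
    free(src);
    return where;
}

int main(void)
{
    printf("macro evaluations of its argument: %d\n", strdupa_eval_count());
    printf("10-byte copy on heap? %d\n", scoped_dup_location(10));
    printf("1000-byte copy on heap? %d\n", scoped_dup_location(1000));
    return 0;
}
```

The point of the second half is not that a struct-with-buffer is the right API for libc, but that the two properties the commit message wants (single evaluation and a bound on stack consumption) follow from making the copy a real function with caller-owned storage, which a macro over alloca cannot provide.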