From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/12515 Path: news.gmane.org!.POSTED!not-for-mail From: Andrew Bell Newsgroups: gmane.linux.lib.musl.general Subject: Re: fwrite() - possible division by zero Date: Wed, 14 Feb 2018 14:48:14 -0500 Message-ID: References: <20180214193942.nar6nvuulv4rg5nt@voyager> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="001a1135709c5c5b0a0565316410" X-Trace: blaine.gmane.org 1518637601 338 195.159.176.226 (14 Feb 2018 19:46:41 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Wed, 14 Feb 2018 19:46:41 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-12532-gllmg-musl=m.gmane.org@lists.openwall.com Wed Feb 14 20:46:37 2018 Return-path: Envelope-to: gllmg-musl@m.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by blaine.gmane.org with smtp (Exim 4.84_2) (envelope-from ) id 1em30a-0007VL-Dm for gllmg-musl@m.gmane.org; Wed, 14 Feb 2018 20:46:24 +0100 Original-Received: (qmail 12141 invoked by uid 550); 14 Feb 2018 19:48:27 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Original-Received: (qmail 12123 invoked from network); 14 Feb 2018 19:48:27 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=4K5ty9bMEKn1Os+EiMaT2A57GKJ3K+aJ0TmcKiPQnyg=; b=nvfXDnQizwlQH8znEk7Na2BNbT9FW/RWjxjwAqWB2pyw4Jk88EPABFxYb+Z4vYS9IG IC4ub1506qxOA+fyrObGgI2S/pjdzedwnSDqzAarj88/LGfRPteAZ+l+wlngdZk2fOvI 0x3IfI7tRwU/5/VHbqNm2P1APxefrMV2C0MCtuGQ8UNLr9TJcV4d9wXx2kDgk2Nsadez EB7+/BKvHmYFcWEeU2xKS0c7FYpVVUJgDSpDIzwTKuQefVYY7tSCZVf3KnYWeYX+vCAd 5K3bNRVC0LdY4Y87XUFZ7P6zjXOETXm6YA6NjIBf5HTRVSKRBhlVZqeZfPiinugNNKFo 1ORw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=4K5ty9bMEKn1Os+EiMaT2A57GKJ3K+aJ0TmcKiPQnyg=; b=ru7HhWV4LNsC+bPuHF4EZ5BreS6n2tjq1xMbNd9tjTu02PyxHsnS5n7SdQ0cB6VtEU NFzotjP6qYY2C7yh1RDQGQ3CGScEBfoLjAJwteNe7H/fTWIkOwMQwzRL6tX+sRbUPbVc JI+gfIcM3AJsvAVtvT1HLzsnMtZ/xf8NP/ebKdN5VI8c84EIA22ghmLovKBs0Fm07wpO UzeB1Jk9NBzocBNHnudD6F97jD27QYI5y1x3x9vt2GOWx/no19rdNgZBoCVUnIGlI8Es gcVPj/bzmCQpW0EeHdr+2oub767IT5LQmYZqFR2BdXeIC2uNChxmiuf2M071Kipf3ScJ 3qvw== X-Gm-Message-State: APf1xPBKuVH7WgiTi1RkyPc5/TPCVaqSAFsskwb6/k8aatqBy8FJS8Bs OUmZhV2Crsr06IdgACbMz3WmobqN7vAGDlWQttozKA== X-Google-Smtp-Source: AH8x227X2VtECdXIDvuwmtNzvxMzMnZ0Kg83vzXXaOhCIKdpspX+Li8odDFy/wSOsKJ5SB8RSiCDQB11W8BQYvbiYAw= X-Received: by 10.200.46.6 with SMTP id r6mr385675qta.8.1518637695128; Wed, 14 Feb 2018 11:48:15 -0800 (PST) In-Reply-To: <20180214193942.nar6nvuulv4rg5nt@voyager> Xref: news.gmane.org gmane.linux.lib.musl.general:12515 Archived-At: --001a1135709c5c5b0a0565316410 Content-Type: text/plain; charset="UTF-8" On Wed, Feb 14, 2018 at 2:39 PM, Markus Wichmann wrote: > On Wed, Feb 14, 2018 at 04:24:16PM -0200, Geraldo Netto wrote: > > Dear Friends, > > > > I was playing with musl and I think I may have found an issue on > fwrite(): > > > > This is the original code: > > > > size_t fwrite(const void *restrict src, size_t size, size_t nmemb, > > FILE *restrict f) > > { > > size_t k, l = size*nmemb; > > if (!size) nmemb = 0; > > FLOCK(f); > > k = __fwritex(src, l, f); > > FUNLOCK(f); > > return k==l ? nmemb : k/size; > > } > > > > If size is zero, then l is zero. So __fwritex will be called with l as > zero. Which means, if you read that code, that it will have to return > zero. Why not early return if size == 0 and avoid the call to __fwritex altogether? -- Andrew Bell andrew.bell.ia@gmail.com --001a1135709c5c5b0a0565316410 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On W= ed, Feb 14, 2018 at 2:39 PM, Markus Wichmann <nullplan@gmx.net> wrote:
On Wed, Feb 1= 4, 2018 at 04:24:16PM -0200, Geraldo Netto wrote:
> Dear Friends,
>
> I was playing with musl and I think I may have found an issue on fwrit= e():
>
> This is the original code:
>
> size_t fwrite(const void *restrict src, size_t size, size_t nmemb,
> FILE *restrict f)
> {
>=C2=A0 =C2=A0 =C2=A0size_t k, l =3D size*nmemb;
>=C2=A0 =C2=A0 =C2=A0if (!size) nmemb =3D 0;
>=C2=A0 =C2=A0 =C2=A0FLOCK(f);
>=C2=A0 =C2=A0 =C2=A0k =3D __fwritex(src, l, f);
>=C2=A0 =C2=A0 =C2=A0FUNLOCK(f);
>=C2=A0 =C2=A0 =C2=A0return k=3D=3Dl ? nmemb : k/size;
> }
>

If size is zero, then l is zero. So __fwritex will be called with l = as
zero. Which means, if you read that code, that it will have to return
zero.

Why not early return if size =3D=3D 0= and avoid the call to __fwritex altogether?

-- <= br>
Andrew= Bell
andr= ew.bell.ia@gmail.com
--001a1135709c5c5b0a0565316410--