~alpine/devel

1

[alpine-devel] Segfault in hwclock

Jeff Pohlmeyer <yetanothergeek@gmail.com>
Details
Message ID
<CAEuRe+0Ofx8v3hpCyTCPKtRJJrrxM7ZkcKkTWamhzmVw47fLzQ@mail.gmail.com>
Sender timestamp
1397081774
DKIM signature
missing
Download raw message
10 years ago 
The "hwclock" program from util-linux is crashing with musl.

The problem is on line 393 of util-linux-2.23.2/sys-utils/hwclock.c:

  setenv("TZ", getenv("TZUTC"), TRUE);

Apparently musl's version of setenv() doesn't like it when the second
argument is NULL.

( The crash only happens if the "TZUTC" environment variable is unset. )


Here is a simple test app:
/*********************************/
#include <stdlib.h>
int main(int argc, char*argv[]) {
  setenv("FOO",NULL,1);
  return 0;
}
/*********************************/

Compiling with gcc -Wall on ArchLinux/GNU-libc, I get a warning:

  warning: null argument where non-null required (argument 2) [-Wnonnull]

But the program doesn't crash at run time.


With Alpine/musl, there is no compile time warning, but the program crashes.


So it looks like musl's setenv() could stand to be a bit more robust,
but hwclock
really shouldn't be passing it a null, either.


 - Jeff


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---
Timo Teras <timo.teras@iki.fi>
Details
Message ID
<20140410091116.27ef34f0@vostro>
In-Reply-To
<CAEuRe+0Ofx8v3hpCyTCPKtRJJrrxM7ZkcKkTWamhzmVw47fLzQ@mail.gmail.com> (view parent)
Sender timestamp
1397110276
DKIM signature
missing
Download raw message
10 years ago 
On Wed, 9 Apr 2014 17:16:14 -0500
Jeff Pohlmeyer <yetanothergeek@gmail.com> wrote:

> The "hwclock" program from util-linux is crashing with musl.

Committed a fix.

> The problem is on line 393 of util-linux-2.23.2/sys-utils/hwclock.c:
> 
>   setenv("TZ", getenv("TZUTC"), TRUE);
> 
> Apparently musl's version of setenv() doesn't like it when the second
> argument is NULL.

Correct. This is per posix specification. value needs to point to a
valid string. This is application code bug.

> Compiling with gcc -Wall on ArchLinux/GNU-libc, I get a warning:
> 
>   warning: null argument where non-null required (argument 2)
> [-Wnonnull]

This is implies that glibc thinks same way. value must not be null. The
attribute also allows compiler to assume this and optimize code
accordingly. It would be perfectly valid for gcc to optimize glibc
build in such a way that it would crash too.

> But the program doesn't crash at run time.

Depends on compiler.

> With Alpine/musl, there is no compile time warning, but the program
> crashes.
> 
> So it looks like musl's setenv() could stand to be a bit more robust,
> but hwclock
> really shouldn't be passing it a null, either.

Fixed application.

Thanks for the report.

- Timo


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)