Date: Wed, 10 Jan 2024 07:17:52 +0100
From: Willy Tarreau
To: Ammar Faizi
Cc: Brennan Xavier McManus, Thomas Weißschuh, Linux Kernel Mailing List
Subject: Re: [PATCH] tools/nolibc/stdlib: fix memory error in realloc()
X-Mailing-List: linux-kernel@vger.kernel.org

Hi,

On Wed, Jan 10, 2024 at 11:11:37AM +0700, Ammar Faizi wrote:
> On Tue, Jan 09, 2024 at 06:44:02PM -0500, Brennan Xavier McManus wrote:
> > Pass user_p_len to memcpy() instead of heap->len to prevent realloc()
> > from copying an extra sizeof(heap) bytes from beyond the allocated
> > region.
> >
> > Signed-off-by: Brennan Xavier McManus
> > ---
> >
> > All tests from Ammar's original test program pass:
> > https://gist.github.com/ammarfaizi2/db0af6aa0b95a0c7478bce64e349f021
> > This fix was tested with the following added test for realloc():
> > https://github.com/brennan913/nolibc-test/blob/main/nolibc_test.c#L73-L120
>
> Hello Brennan,
>
> Thank you for the fix!
>
> Cc: stable@vger.kernel.org
> Reviewed-by: Ammar Faizi
> Fixes: 0e0ff638400be8f497a35b51a4751fd823f6bd6a ("tools/nolibc/stdlib: Implement `malloc()`, `calloc()`, `realloc()` and `free()`")

Thanks both for the fix and the review! I've pushed it to the "fixes"
branch. Thomas, for now I updated the branch to match "next" (which just
got merged) so as to preserve patch ordering, we'll just rebase it once
6.8-rc1 is out.

Willy
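
A simplified C model of the length mix-up the commit message describes, added here as an illustration; it is not the nolibc source or the patch under discussion. The names toy_heap, toy_hdr, toy_malloc, toy_realloc and bytes_past_block are hypothetical, and the model assumes a block whose stored length covers the header plus the user area, with user_p_len and heap->len named as in the commit message.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct toy_heap {   /* simplified model of a header-prefixed block, not the nolibc source */
    size_t len;     /* whole block: header + user area */
    char user_p[];  /* start of the area handed to the caller */
};

struct toy_heap *toy_hdr(void *p)
{
    return (struct toy_heap *)((char *)p - offsetof(struct toy_heap, user_p));
}

void *toy_malloc(size_t size)
{
    struct toy_heap *heap = malloc(sizeof(*heap) + size);
    if (!heap) return NULL;
    heap->len = sizeof(*heap) + size;
    return heap->user_p;
}

/* Bytes that memcpy(ret, heap->user_p, n) would read past the block's end. */
size_t bytes_past_block(void *p, size_t n)
{
    size_t user_p_len = toy_hdr(p)->len - sizeof(struct toy_heap);
    return n > user_p_len ? n - user_p_len : 0;
}

void *toy_realloc(void *old_ptr, size_t new_size) /* old_ptr must be non-NULL */
{
    struct toy_heap *heap = toy_hdr(old_ptr);
    size_t user_p_len = heap->len - sizeof(*heap);
    if (user_p_len >= new_size) return old_ptr; /* still fits */
    void *ret = toy_malloc(new_size);
    if (!ret) return NULL;
    memcpy(ret, heap->user_p, user_p_len); /* pre-fix form passed heap->len */
    free(heap);
    return ret;
}

int main(void)
{
    char *p = toy_malloc(32); /* constructed sample size */
    if (!p) return 1;
    printf("heap->len over-reads %zu bytes\n", bytes_past_block(p, toy_hdr(p)->len));
    free(toy_hdr(p));
    return 0;
}
```

Copying heap->len bytes starting at user_p always overshoots by exactly the header size, regardless of the allocation size, which is why the error is easy to miss until the bytes after the block are unmapped or checked by a sanitizer.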