[PATCH 01/24] lib/path: ul_path_cpuparse: fix parsing of empty sysfs files
Kernel 5.15 returns empty content for topology/thread_siblings on
aarch64 platform, which in conjunction of uninitialized `buf` memory
buffer results in the garbage:
(gdb) p buf
$14 = " @\377\367\177\000\000\000\275\000\347j\032\236"
This garbage is then being later consumed by underlying helper functions
like for example cpumask_parse() and this leads to the following crash
later:
in __libc_free (p=0x7ff7f67c00) at src/malloc/mallocng/free.c:105
in free (p=<optimized out>) at src/malloc/free.c:5
in add_cpuset_to_array (setsize=<optimized out>, set=<optimized out>, items=<optimized out>, ary=<optimized out>) at ../sys-utils/lscpu-topology.c:29
in cputype_read_topology (cxt=cxt@entry=0x7ff7fffe70, ct=0x4298a0) at ../sys-utils/lscpu-topology.c:153
in lscpu_read_topology (cxt=cxt@entry=0x7ff7fffe70) at ../sys-utils/lscpu-topology.c:629
in main (argc=1, argv=0x7ffffffdb8) at ../sys-utils/lscpu.c:1341
It looks like the problem is that current logic expects fgets() to set
errno on failure, but fgets() is not documented to do so and and neither
glibc nor musl set errno. So if errno was set to 0 before fgets() call,
the failure from fgets() is ignored and then invalid buffer is being
parsed.
Fixes: #1810
Suggested-by: Thomas Weißschuh <thomas@t-8ch.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Gbp-Pq: Topic upstream
Gbp-Pq: Name 0001-lib-path-ul_path_cpuparse-fix-parsing-of-empty-sysfs.patch
projects / util-linux.git / commit