
Bug#182542: libc6-dev: strerror_r totally messed up



Package: libc6-dev
Version: 2.2.5-11.2
Severity: normal
Tags: security

The manual, the declaration and the working of the strerror_r() function
disagree. The manual page strerror(3) states that the function is declared
in <string.h> as

int strerror_r(int errnum, char *buf, size_t n);

The include file <string.h> contains (abbreviated):

char *strerror_r (int __errnum, char *__buf, size_t __buflen);

(note the return type). And the function never touches the given buffer,
instead it works exactly like strerror(). This means that it's not
thread-safe, and can potentially be used for buffer-overrun attacks.

The manual-described working of the function is the correct one, I think.
At the very least, it's almost identical to the HP/UX strerror_r() manual.

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux Hermes 2.4.18-686 #1 Sun Apr 14 11:32:47 EST 2002 i686
Locale: LANG=pl_PL.iso88592, LC_CTYPE=pl_PL.iso88592

Versions of packages libc6-dev depends on:
ii  libc6                         2.2.5-11.2 GNU C Library: Shared libraries an
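
An added example, not part of the original report: a wrapper that gives defined results with either declaration quoted above, the int-returning one from the manual page or the char *-returning one from <string.h>. The names strerror_into, msg_from_xsi and msg_from_gnu are hypothetical, and a C11 compiler is assumed for _Generic.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L /* declare strerror_r if the build chose no feature set */
#endif
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* int-returning declaration: the message is in buf only when rc == 0. */
static const char *msg_from_xsi(int rc, const char *buf)
{
    return rc == 0 ? buf : "unknown error";
}

/* char *-returning declaration: the result is the message; buf may be untouched. */
static const char *msg_from_gnu(const char *ret, const char *buf)
{
    (void)buf;
    return ret ? ret : "unknown error";
}

/* Always leaves a NUL-terminated message in buf (n > 0).
 * Returns 0, ERANGE if the message was truncated, EINVAL on a bad buffer. */
int strerror_into(int errnum, char *buf, size_t n)
{
    char tmp[256] = "";
    const char *msg;
    int len;

    if (buf == NULL || n == 0)
        return EINVAL;
    /* _Generic does not evaluate its controlling expression; it only picks
     * the helper matching the declared return type. The call runs once. */
    msg = _Generic(strerror_r(errnum, tmp, sizeof tmp),
                   int: msg_from_xsi,
                   char *: msg_from_gnu)(strerror_r(errnum, tmp, sizeof tmp), tmp);
    len = snprintf(buf, n, "%s", msg); /* bounded copy into the caller's buffer */
    return (len < 0 || (size_t)len >= n) ? ERANGE : 0;
}

int main(void)
{
    char small[8], big[128];
    int rc = strerror_into(ENOENT, small, sizeof small);
    printf("small: rc=%d \"%s\"\n", rc, small);
    rc = strerror_into(ENOENT, big, sizeof big);
    printf("big:   rc=%d \"%s\"\n", rc, big);
    return 0;
}
```

Callers read the message only from their own buffer, so a variant that ignores the buffer cannot leave them printing uninitialised memory.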



