Bug#182542: libc6-dev: strerror_r totally messed up
Package: libc6-dev
Version: 2.2.5-11.2
Severity: normal
Tags: security
The manual, the declaration and the working of strerror_r() function
disagree. The manual page strerror(3) states that the function is declared
in <string.h> as
    int strerror_r(int errnum, char *buf, size_t n);
The include file <string.h> contains (abbreviated):
    char *strerror_r (int __errnum, char *__buf, size_t __buflen);
(note the return type). And the function never touches the given buffer,
instead it works exactly like strerror(). This means that it's not
thread-safe, and can potentially be used for buffer-overrun attacks.
The manual-described working of the function is the correct one, I think.
At the very least, it's almost identical to HP/UX strerror_r() manual.
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux Hermes 2.4.18-686 #1 Sun Apr 14 11:32:47 EST 2002 i686
Locale: LANG=pl_PL.iso88592, LC_CTYPE=pl_PL.iso88592
Versions of packages libc6-dev depends on:
ii libc6 2.2.5-11.2 GNU C Library: Shared libraries an