[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bug#57129: 29.0.50; Improve behavior of conditionals in Eshell

From: Paul Eggert
Subject: Re: bug#57129: 29.0.50; Improve behavior of conditionals in Eshell
Date: Mon, 22 Aug 2022 15:47:28 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0

Thanks for the detailed diagnosis, Bruno. To try to fix the problems I installed the attached patches into Gnulib. If I understand things correctly, these patches should fix the 0.1% failure rate you observed on 64-bit mingw. They also fix a minor security leak I discovered: in rare cases, ASLR entropy was used to generate publicly visible file names, which is a no-no as that might help an attacker infer the randomized layout of a victim process.

These fixes follow some but not all the suggestions you made. The basic problem I saw was that tempname.c was using too much belt-and-suspenders code, so much so that the combination of belts and suspenders misbehaved. I simplified it a bit and this removed the need for some of the suggestions.

These fixes should be merged into glibc upstream since they fix glibc bugs; I plan to follow up on that shortly.

Attachment: 0001-tempname-merge-64-bit-time_t-fix-from-glibc.patch
Description: Text Data

Attachment: 0002-tempname-fix-multithreading-ASLR-leak-etc.patch
Description: Text Data

Attachment: 0003-tempname-don-t-lose-entropy-in-seed.patch
Description: Text Data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]