Right place to discuss probable issues in libobjc2?

[Mathias Bauer]

Hi,

I discovered a problem in libobjc2. I got my libobjc2 from the gnustep 
repo, so I'm asking here. If this isn't the right place to discuss 
libobjc2 here, please bear with me and lead me to the right place.

Here's the problem in block_to_imp.c:

> static struct wx_buffer alloc_buffer(size_t size)
> {
>         LOCK_FOR_SCOPE(&trampoline_lock);
>         if ((0 == offset) || (offset + size >= PAGE_SIZE))
>         {
>                 int fd = mkstemp(tmpPattern);
>                 unlink(tmpPattern);
>                 ftruncate(fd, PAGE_SIZE);
>                 void *w = mmap(NULL, PAGE_SIZE, PROT_WRITE, MAP_SHARED, fd, 0);
>                 executeBuffer = mmap(NULL, PAGE_SIZE, PROT_READ|PROT_EXEC, 
> MAP_SHARED, fd, 0);
>                 *((void**)w) = writeBuffer;
>                 writeBuffer = w;
>                 offset = sizeof(void*);
>         }
>         struct wx_buffer b = { writeBuffer + offset, executeBuffer + offset };
>         offset += size;
>         return b;
> }

where tmpPattern is initialized here:

> PRIVATE void init_trampolines(void)
> {
>         INIT_LOCK(trampoline_lock);
>         char *tmp = getenv("TMPDIR");
>         if (NULL == tmp)
>         {
>                 tmp = "/tmp/";
>         }
>         if (0 > asprintf(&tmpPattern, "%s/objc_trampolinesXXXXXXXXXXX", tmp))
>         {
>                 abort();
>         }
> }

According to the man page of mkstemp, "tmpPattern" *must* have "XXXXXX" 
at the end. As you can see in the code show above, this is true for the 
first call to alloc_buffer, but the second call to that function will be 
done with a changed value of tmpPattern. So at least on Ubuntu 12.04 
this second call fails and causes a crash.

There would be several ways to fix that, either using a copy of 
tmpPattern in each alloc_buffer call or always resetting tmpPattern 
after the unlink call.

Any opinions about that?

Best regards,
Mathias