IRC channel logs
2023-04-08.log
back to list of logs
<old>eh I have a very weird behavior of guile <old>where I do a (environ (list ...)) followed by a (setenv key value) <old>sometime values in (environ) disapear <old>I fix this by doing: (environ (cons "key=value" (list ...))) <old>this seems to be after a GC .. <old>I have a minial reproducer <old>can someone try it ? <old>should get a line: In execvp of ls: No such file or directory <old>the bug is not in 2.2.7 <old>but in 3.0.7 and 3.0.9 <old>seems like the GC think that strings in environ can be reeused <old>this is a high risk of vulnerability <old>anything could be put in environ <old>I think that `putenv' in libc somehow realloc environ on a putenv call <old>Guile set environ to be a scm_gc_malloc pointer which has GC allocated pointer in it <old>Since glibc change the environ pointer, Guile start garbage collecting the string pointer that was in environ, since there's no reference to them <old>However, glibc did memcpy them into the new environ, so there's dangling pointers <old>yup that what's happening. libc is setting anew pointer in environ while copying the pointer owned by Guile <cow_2001>i end up importing a ton of stuff from guile when using r7rs ~_~ <sneek>"]" is 15.66% lame, because 1 unbalanced bracket, 1 extraneous symbol <sneek>"\U01f490\U01f339\U01f940\U01f337\U01f33a\U01f338\U01f3f5️\U01f33b\U01f33c\U01f4ae" is 99.99% lame, because 11 consecutive non-alphas, 11 extraneous symbols <old>dsmith: I wonder what is the correct fix for that <old>The obvious solution would be to only use the setenv/putenv/unsetenv/clearenv as defined by POSIX <old>and to not use any Guile pointers in environ <old>I'm not sure, gotta read the spec about what happen to these string in libc <dsmith>Wow! The bothandled unicode nicely without crashing. <dsmith>old, I'm not up on all the subtleties of the GC, but there is probably a way to tell it not to mess with the environment. <old>looking a glibc code, strings allocated with setenv are never freed from memory <old>not only that, but glibc internally protect the access to the `environ' with a mutex. <old>Guile simply overwrite that pointer. This is undefined behavior <old>did not know that these function were so bad optimized <old>even copying environ is actually undefined behavior on multi-threading