lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <437003A6.4020502@amxl.com>
Date: Tue, 08 Nov 2005 14:47:18 +1300
From: Andrew Miller <andrew@...l.com>
To: bugtraq@...urityfocus.com
Cc: full-disclosure@...ts.grok.org.uk, Casper.Dik@....com
Subject: Re: Re: readdir_r considered harmful


Casper.Dik@....COM wrote:
...

>Had they done so, we would never have had to use readdir_r() and progammers
>would not have introduced bugs in the (mis)use of pathconf, over allocating,
>etc.
>
>I would be interested in seeing any real-world use of readdir_r() in
>a context where readdir_r() is required (multiple threads reading from
>a single DIR *).
>  
>
Consider the following situation(I'm not sure if anyone actually does this):
1) You have a "spool" directory containing a large number of files, each
which represents a task to process.
2) You have a number of worker threads. Each worker thread reads a file
from the global DIR*, and then opens and reads the file for
processing(and then loops on 2).

Of course, you could always just put a mutex around every call to
readdir(), and copy the filename somewhere safe, or you could invent a
signalling system to ask one thread to do all the readdir()s. Whether
this makes sense depends on how much of readdir_r has to be spent inside
a global mutex/spinlock anyway, and how long the processing part takes
compared with the readdir() part.

Andrew

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ