| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 May 2016 01:00:45 +0200 From: Julio Guerra <julio@...jump.io> To: "Peter Hurley <peter@...leysoftware.com>; Greg Kroah-Hartman" <gregkh@...uxfoundation.org> Cc: linux-kernel@...r.kernel.org Subject: [BUG] drivers/tty: read() on a noncanonical blocking tty randomly fails when VMIN > received >= buf Hi, When a tty (here a slave pty) is set in noncanonical input and blocking read modes, a read() randomly blocks when: "VMIN > kernel received >= user buffer size > 0". The standard says that read() should block until VMIN bytes are received [1][2]. Whether this is an implementation defined case not really specified by POSIX or not, it should not behave randomly (otherwise it really should be documented in termios manpage). I isolated it in the following example (with VMIN = 5, received = 4, user buffer = 3): https://gist.github.com/Julio-Guerra/b3fdefab281403073607d81cabcea04a Since it is random, you will need run it several times to observe both cases. When correctly behaving, it should block in the read() for ever (C-c to kill it). When incorrectly behaving, it does not block and reads into the user buffer what is present in the kernel receive buffer (string "any"). Example where it does not block 3 times out of 4: > $ ./a.out > res=3 buf=any > $ ./a.out > res=3 buf=any > $ ./a.out > ^C⏎ Linux version 4.5.1-1-ARCH (builduser@...ias) (gcc version 5.3.0 (GCC) ) #1 SMP PREEMPT Thu Apr 14 19:19:32 CEST 2016 [1] "Canonical and noncanonical mode", man termios [2] http://www.gnu.org/software/libc/manual/html_node/Noncanonical-Input.html -- Julio Guerra
Powered by blists - more mailing lists