➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2017-06-14 14:27 by ukl, last changed 2022-04-11 14:58 by admin.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| unsigned-long-arg-for-ioctl.patch | ukl, 2017-06-14 14:27 | |||
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 2286 | open | serhiy.storchaka, 2017-06-20 07:50 | |
| Messages (4) | |||
|---|---|---|---|
| msg296008 - (view) | Author: Uwe Kleine-König (ukl) * | Date: 2017-06-14 14:27 | |
When passing a big integer value to fcntl.ioctl this might result in
OverflowError: signed integer is greater than maximum
. Traditionally ioctl(3) takes a pointer as third argument. The fcntl module however uses an int (format specifier 'i') which is too small to hold a pointer on 64 bit architectures.
The fix is to use 'k' (and an unsigned long) instead of 'i' (and an int). An unsigned long is suitable to hold a pointer value on AFAIK all platforms that matter today. (And it works on all platforms where int is already good enough, so the suggested change doesn't do any harm.)
A patch is attached.
|
|||
| msg296242 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) *  |
Date: 2017-06-17 16:32 | |
The FreeBSD [1], OpenBSD [2], and Solaris 10 [3] documentations specify the third argument of ioctl() as either an int or a pointer. Passing a 64-bit long instead of a 32-bit int on big-endian platform can cause incorrect interpretation of an argument. [1] https://www.freebsd.org/cgi/man.cgi?query=ioctl&sektion=2 [2] http://man.openbsd.org/ioctl.2 [3] https://docs.oracle.com/cd/E26505_01/html/816-5167/ioctl-2.html |
|||
| msg296307 - (view) | Author: Uwe Kleine-König (ukl) * | Date: 2017-06-19 08:23 | |
So the only option to fix this is to determine the type of arg from the request parameter? I failed to find the implementation of ioctl for linux in glibc, the best I found is one that only seems to be used on powerpc[1] which seems to assume that the third argument is a pointer. The Linux kernel prototype takes an unsigned long[2] and encodes the size of the data pointed to in the request using _IOC[3]. On hurd there are different macros to determine the type. I'm not fluent in *BSD and Solaris (and other operating systems), so I cannot add specifics for them. I cannot even say which OS that runs Python can run in 64 bit BE mode. [1] https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/unix/sysv/linux/powerpc/ioctl.c;h=e2e3d3357f9f5ee9ffe5e9f0588ebae9976c0dfd;hb=HEAD [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/fs/ioctl.c?h=v4.12-rc5#n691 [3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/include/uapi/asm-generic/ioctl.h |
|||
| msg296405 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * |
Date: 2017-06-20 07:54 | |
PR 2286 uses for the third argument char* on Linux and int or unsigned int on other platforms. It keeps some degree of integer overflow control. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:58:47 | admin | set | github: 74850 |
| 2020-05-28 01:38:07 | ned.deily | set | versions: + Python 3.9, Python 3.10, - Python 2.7, Python 3.5, Python 3.6, Python 3.7 |
| 2017-06-20 07:54:33 | serhiy.storchaka | set | versions:
+ Python 2.7, Python 3.6, Python 3.7 nosy: + twouters, mark.dickinson messages: + msg296405 stage: patch review |
| 2017-06-20 07:50:47 | serhiy.storchaka | set | pull_requests: + pull_request2334 |
| 2017-06-19 08:23:58 | ukl | set | messages: + msg296307 |
| 2017-06-17 16:32:21 | serhiy.storchaka | set | nosy:
+ serhiy.storchaka messages: + msg296242 |
| 2017-06-17 15:54:20 | cfi | set | nosy:
+ cfi |
| 2017-06-14 15:02:01 | vstinner | set | nosy:
+ vstinner |
| 2017-06-14 14:27:52 | ukl | create | |