From 05c83ccaf50aef2dd30d92cbb814383f6bddea2c Mon Sep 17 00:00:00 2001 From: Gleb Fotengauer-Malinovskiy Date: Tue, 1 Feb 2022 22:39:02 +0000 Subject: [PATCH] linux: __get_nprocs_sched: do not feed CPU_COUNT_S with garbage [BZ #28850] Pass the actual number of bytes returned by the kernel. Fixes: 33099d72e41c ("linux: Simplify get_nprocs") Reviewed-by: Dmitry V. Levin (cherry picked from commit 97ba273b505763325efd802dc3a9562dbba79579) --- NEWS | 1 + sysdeps/unix/sysv/linux/getsysstats.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 5b2e757e35..6637a2e0c1 100644 --- a/NEWS +++ b/NEWS @@ -59,6 +59,7 @@ The following bugs are resolved with this release: [28769] CVE-2021-3999: Off-by-one buffer overflow/underflow in getcwd() [28770] CVE-2021-3998: Unexpected return value from realpath() for too long results [28784] x86: crash in 32bit memset-sse2.s when the cache size can not be determined + [28850] linux: __get_nprocs_sched reads uninitialized memory from the stack Version 2.34 diff --git a/sysdeps/unix/sysv/linux/getsysstats.c b/sysdeps/unix/sysv/linux/getsysstats.c index 7fc6521942..7babd947aa 100644 --- a/sysdeps/unix/sysv/linux/getsysstats.c +++ b/sysdeps/unix/sysv/linux/getsysstats.c @@ -45,7 +45,7 @@ __get_nprocs_sched (void) int r = INTERNAL_SYSCALL_CALL (sched_getaffinity, 0, cpu_bits_size, cpu_bits); if (r > 0) - return CPU_COUNT_S (cpu_bits_size, (cpu_set_t*) cpu_bits); + return CPU_COUNT_S (r, (cpu_set_t*) cpu_bits); else if (r == -EINVAL) /* The input buffer is still not enough to store the number of cpus. This is an arbitrary values assuming such systems should be rare and there