Re: [PATCH] man/man3/getcwd.3: say more clear that syscall can return... | linux-man

[PATCH] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but glibc wrapper cannot · Askar Safin <hidden> · 2025-02-14
Re: [PATCH] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but glibc wrapper cannot · Alejandro Colomar <alx@kernel.org> · 2025-02-14
Re: [PATCH] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but glibc wrapper cannot · Carlos O'Donell <hidden> · 2025-02-14
[PATCH v2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Askar Safin <hidden> · 2025-02-16
Re: [PATCH v2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Alejandro Colomar <alx@kernel.org> · 2025-02-16
Re: [PATCH v2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Alejandro Colomar <alx@kernel.org> · 2025-02-16
[PATCH v3 0/2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Askar Safin <hidden> · 2025-02-17
[PATCH v3 1/2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Askar Safin <hidden> · 2025-02-17
Re: [PATCH v3 1/2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Carlos O'Donell <hidden> · 2025-02-18
Re: [PATCH v3 1/2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Alejandro Colomar <alx@kernel.org> · 2025-02-18
[PATCH v3 2/2] man/man3/getcwd.3: tfix (pathname => pathnames) · Askar Safin <hidden> · 2025-02-17
Re: [PATCH v3 2/2] man/man3/getcwd.3: tfix (pathname => pathnames) · Carlos O'Donell <hidden> · 2025-02-18
Re: [PATCH v3 2/2] man/man3/getcwd.3: tfix (pathname => pathnames) · Alejandro Colomar <alx@kernel.org> · 2025-02-18
Re: [PATCH v3 2/2] man/man3/getcwd.3: tfix (pathname => pathnames) · Carlos O'Donell <hidden> · 2025-02-19
Re: [PATCH v3 2/2] man/man3/getcwd.3: tfix (pathname => pathnames) · Alejandro Colomar <alx@kernel.org> · 2025-02-19
Re: [PATCH v3 2/2] man/man3/getcwd.3: tfix (pathname => pathnames) · Carlos O'Donell <hidden> · 2025-02-19
Re: [PATCH v3 2/2] man/man3/getcwd.3: tfix (pathname => pathnames) · Alejandro Colomar <alx@kernel.org> · 2025-02-19
[PATCH v4 0/2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Askar Safin <hidden> · 2025-02-20
[PATCH v4 1/2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Askar Safin <hidden> · 2025-02-20
Re: [PATCH v4 1/2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Alejandro Colomar <alx@kernel.org> · 2025-02-20
[PATCH v4 2/2] man/man3/getcwd.3: tfix (pathname => pathnames) · Askar Safin <hidden> · 2025-02-20
Re: [PATCH v4 0/2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Alejandro Colomar <alx@kernel.org> · 2025-02-20
Re: [PATCH v4 0/2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Askar Safin <hidden> · 2025-02-20
Re: [PATCH v4 0/2] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but modern glibc wrapper cannot · Alejandro Colomar <alx@kernel.org> · 2025-02-20

Re: [PATCH] man/man3/getcwd.3: say more clear that syscall can return "(unreachable)", but glibc wrapper cannot

From: Carlos O'Donell <hidden>
Date: 2025-02-14 13:37:34

On 2/14/25 7:50 AM, Askar Safin wrote:

I verified using expirement that glibc wrapper getcwd actually never returns "(unreachable)".
Also I have read glibc sources for all 3 functions documented here.
All they don't return "(unreachable)".

Prior to fixing glibc bug 18203 [1][2] this is not true, and documented in the
BUGS section of the man page.

The original text in VERSIONS is more correct because it is advice to developers,
possibly using multiple versions of glibc, some of which did return
"(unreachable)" as noted in BUGS.

Alternatively you could write:

+When dealing with pathnames from untrusted sources, callers of the
+functions described in the page, including the raw
+.BR getcwd ()
+system call, ...

Note: "raw.*system call" has only ~15 uses, but seems appropriate here as we
are contrasting against the userspace wrappers that provide conformance to
a particular standard.

Also I changed "pathname" to "pathnames".

This is correct and could be split out.

quoted hunk ↗ jump to hunk

Signed-off-by: Askar Safin <redacted>
---
 man/man3/getcwd.3 | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/man/man3/getcwd.3 b/man/man3/getcwd.3
index 685585a60..685a280a1 100644
--- a/man/man3/getcwd.3
+++ b/man/man3/getcwd.3

@@ -245,8 +245,10 @@ process (e.g., because the process set a new filesystem root using
 without changing its current directory into the new root).
 Such behavior can also be caused by an unprivileged user by changing
 the current directory into another mount namespace.
-When dealing with pathname from untrusted sources, callers of the
-functions described in this page
+When dealing with pathnames from untrusted sources, callers of the
+raw
+.BR getcwd ()
+system call
 should consider checking whether the returned pathname starts
 with '/' or '(' to avoid misinterpreting an unreachable path
 as a relative pathname.

-- 
Cheers,
Carlos.

[1] https://sourceware.org/bugzilla/show_bug.cgi?id=18203
[2] https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=52a713fdd0a30e1bd79818e2e3c4ab44ddca1a94

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help