clone: check for NULL child stack
The clone syscall accepts NULL child stacks, interpreting this to mean
the child gets a copy of the parent's stack with copy-on-write
semantics. However clone(2) is explicitly documented to treat this an
an error.
"Fortunately" every architecture's __bionic_clone implementation pushes
something onto the child stack before making the clone syscall. So we
know fixing this won't break legacy apps, because any app that tried
using a NULL child stack would have died with SIGSEGV.
This change fixes the LTP clone04 testcase.
Change-Id: I663b34f34bc8dad2aa405c46e4eed4418cccca0d
Signed-off-by: Greg Hackmann <ghackmann@google.com>
diff --git a/libc/bionic/clone.cpp b/libc/bionic/clone.cpp
index 9b5c9e7..af63977 100644
--- a/libc/bionic/clone.cpp
+++ b/libc/bionic/clone.cpp
@@ -47,6 +47,11 @@
void* new_tls = NULL;
int* child_tid = NULL;
+ if (!child_stack) {
+ errno = EINVAL;
+ return -1;
+ }
+
// Extract any optional parameters required by the flags.
va_list args;
va_start(args, arg);
diff --git a/tests/sched_test.cpp b/tests/sched_test.cpp
index caf4c65..92d6c26 100644
--- a/tests/sched_test.cpp
+++ b/tests/sched_test.cpp
@@ -21,12 +21,12 @@
#include <sys/types.h>
#include <sys/wait.h>
-#if defined(__BIONIC__)
static int child_fn(void* i_ptr) {
*reinterpret_cast<int*>(i_ptr) = 42;
return 123;
}
+#if defined(__BIONIC__)
TEST(sched, clone) {
void* child_stack[1024];
@@ -59,6 +59,13 @@
ASSERT_EQ(EINVAL, errno);
}
+TEST(sched, clone_null_child_stack) {
+ int i = 0;
+ errno = 0;
+ ASSERT_EQ(-1, clone(child_fn, nullptr, CLONE_VM, &i));
+ ASSERT_EQ(EINVAL, errno);
+}
+
TEST(sched, cpu_set) {
cpu_set_t set;
