This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 175796 - listxattr() system call fails for /proc, /dev, etc
listxattr() system call fails for /proc, /dev, etc
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: James Morris
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2005-12-14 20:19 EST by Ben Escoto
Modified: 2007-11-30 17:11 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-12-15 22:51:21 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ben Escoto 2005-12-14 20:19:29 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7

Description of problem:
Apparently there is an off-by-one error in the listxattr() system call support, that leads to spurious ERANGE errors.  See for instance this strace output:

listxattr("/dev", (nil), 0)             = 17
listxattr("/dev", 0x53a3d0, 17)         = -1 ERANGE (Numerical result out of range)

when since the previous listxattr call returned 17, the buffer in the second case should be sufficient.  For more information and fix see:

Note that the included getfattr utility does not trigger this bug because that utility uses a buffer bigger than it should.

Version-Release number of selected component (if applicable):
kernel-2.6.14-1.1644_FC4, other 2.6.14 kernel versions

How reproducible:

Steps to Reproduce:
1. See the attached small C program, written by Iustin Pop
2. Run it on /dev for instance, or /proc

Actual Results:  Path /dev, xattr size 17
Testing with size 16...buffer too small
Testing with size 17...buffer too small
Testing with size 18... succeded!
Finished at 18

Expected Results:  Path /dev, xattr size 17
Testing with size 16...buffer too small
Testing with size 17... succeded!
Finished at 17

Additional info:

Here's Iustin Pop's C program:

#include <sys/types.h>
#include <attr/xattr.h>
#include <string.h>
#include <stdio.h>

int main(int argc, char *argv[]) {
   char buf[65536];

   ssize_t n;
   ssize_t i;
   ssize_t j;
   char *path;

   if(argc != 2) {
       fprintf(stderr, "Usage: %s path\n", argv[0]);
       return 1;
   path = argv[1];
   n = listxattr(path, NULL, 0);

   if(n == -1) {
       fprintf(stderr, "Error in getting xattr list size: %s", strerror(errno));
       return 1;
   printf("Path %s, xattr size %d\n", path, n);

   if(n == 0) {
       printf("No extended attrs, exiting.\n");
       return 0;

   for(i = n - 1; i < sizeof(buf); i++) {
       printf("Testing with size %d...", i);
       j = listxattr(path, buf, i);
       if(j > 0) {
           printf(" succeded!\n");
       if(errno == ERANGE) {
           printf("buffer too small\n");
       } else {
           printf("other error: %s\n", strerror(errno));
   printf("Finished at %d\n", i);
   return 0;
Comment 1 Ben Escoto 2005-12-14 20:28:13 EST
Oh, I should add that I'm submitting this as a Fedora bug because other
distributions like Debian that run the 2.6.14 kernel don't seem to suffer from
it.  I write a backup program that supports extended attributes and I've only
seen Fedora users complain about it so far.
Comment 2 James Morris 2005-12-14 21:11:41 EST
This is fixed in 2.6.15-rc5-mm2 and also possibly in -stable (it was being
reviewed at least).
Comment 3 Dave Jones 2005-12-14 23:21:43 EST
Ok. 2.6.14-1.1653_FC4 pushed out yesterday has the patches put up for review for
inclusion in

Please retest with the latest update.
Comment 4 Ben Escoto 2005-12-15 22:07:38 EST
Yes, this is fixed in 2.6.14-1.1653_FC4.  Thanks for the quick fix ;-)

Note You need to log in before you can comment on or make changes to this bug.