public inbox for glibc-bugs-regex@sourceware.org
help / color / mirror / Atom feed
* [Bug regex/1245] New: regexec invokes alloca with unbounded size; plus alloca cleanup
@ 2005-08-26 5:54 eggert at gnu dot org
2005-08-26 5:54 ` [Bug regex/1245] " eggert at gnu dot org
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: eggert at gnu dot org @ 2005-08-26 5:54 UTC (permalink / raw)
To: glibc-bugs-regex
I noticed that regexec's set_regs functions invokes alloca with a potentially
unbounded size. glibc code is supposed to check the size first with
__libc_use_alloca first.
While fixing this, I noticed a lot of ancient portability cruft for alloca,
intended for use outside glibc, that is no longer needed now that gnulib
supplies an alloca module. This can be cleaned out now.
I'll attach a patch.
--
Summary: regexec invokes alloca with unbounded size; plus alloca
cleanup
Product: glibc
Version: 2.3.5
Status: NEW
Severity: normal
Priority: P2
Component: regex
AssignedTo: gotom at debian dot or dot jp
ReportedBy: eggert at gnu dot org
CC: glibc-bugs-regex at sources dot redhat dot com,glibc-
bugs at sources dot redhat dot com
BugsThisDependsOn: 1241
http://sources.redhat.com/bugzilla/show_bug.cgi?id=1245
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug regex/1245] regexec invokes alloca with unbounded size; plus alloca cleanup
2005-08-26 5:54 [Bug regex/1245] New: " eggert at gnu dot org
@ 2005-08-26 5:54 ` eggert at gnu dot org
2005-08-26 6:07 ` eggert at gnu dot org
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: eggert at gnu dot org @ 2005-08-26 5:54 UTC (permalink / raw)
To: glibc-bugs-regex
------- Additional Comments From eggert at gnu dot org 2005-08-26 05:53 -------
Created an attachment (id=620)
--> (http://sources.redhat.com/bugzilla/attachment.cgi?id=620&action=view)
alloca cleanup for regex
--
http://sources.redhat.com/bugzilla/show_bug.cgi?id=1245
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug regex/1245] regexec invokes alloca with unbounded size; plus alloca cleanup
2005-08-26 5:54 [Bug regex/1245] New: " eggert at gnu dot org
2005-08-26 5:54 ` [Bug regex/1245] " eggert at gnu dot org
@ 2005-08-26 6:07 ` eggert at gnu dot org
2005-09-06 20:26 ` drepper at redhat dot com
2005-09-06 20:52 ` drepper at redhat dot com
3 siblings, 0 replies; 5+ messages in thread
From: eggert at gnu dot org @ 2005-08-26 6:07 UTC (permalink / raw)
To: glibc-bugs-regex
------- Additional Comments From eggert at gnu dot org 2005-08-26 06:07 -------
Created an attachment (id=621)
--> (http://sources.redhat.com/bugzilla/attachment.cgi?id=621&action=view)
alloca cleanup for regex (revised)
Sorry, there was a stray underscore in the original patch:
_LIBC was misspelled as "__LIBC". Here's a fixed version.
--
What |Removed |Added
----------------------------------------------------------------------------
Attachment #620 is|0 |1
obsolete| |
http://sources.redhat.com/bugzilla/show_bug.cgi?id=1245
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug regex/1245] regexec invokes alloca with unbounded size; plus alloca cleanup
2005-08-26 5:54 [Bug regex/1245] New: " eggert at gnu dot org
2005-08-26 5:54 ` [Bug regex/1245] " eggert at gnu dot org
2005-08-26 6:07 ` eggert at gnu dot org
@ 2005-09-06 20:26 ` drepper at redhat dot com
2005-09-06 20:52 ` drepper at redhat dot com
3 siblings, 0 replies; 5+ messages in thread
From: drepper at redhat dot com @ 2005-09-06 20:26 UTC (permalink / raw)
To: glibc-bugs-regex
--
Bug 1245 depends on bug 1241, which changed state.
Bug 1241 Summary: regex isn't compilable by g++; also, a dereferencing bug
http://sourceware.org/bugzilla/show_bug.cgi?id=1241
What |Old Value |New Value
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
http://sourceware.org/bugzilla/show_bug.cgi?id=1245
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug regex/1245] regexec invokes alloca with unbounded size; plus alloca cleanup
2005-08-26 5:54 [Bug regex/1245] New: " eggert at gnu dot org
` (2 preceding siblings ...)
2005-09-06 20:26 ` drepper at redhat dot com
@ 2005-09-06 20:52 ` drepper at redhat dot com
3 siblings, 0 replies; 5+ messages in thread
From: drepper at redhat dot com @ 2005-09-06 20:52 UTC (permalink / raw)
To: glibc-bugs-regex
------- Additional Comments From drepper at redhat dot com 2005-09-06 20:52 -------
Applied to trunk.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
http://sourceware.org/bugzilla/show_bug.cgi?id=1245
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2014-06-13 10:53 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <bug-1245-132@http.sourceware.org/bugzilla/>
2014-06-13 10:53 ` [Bug regex/1245] regexec invokes alloca with unbounded size; plus alloca cleanup fweimer at redhat dot com
2005-08-26 5:54 [Bug regex/1245] New: " eggert at gnu dot org
2005-08-26 5:54 ` [Bug regex/1245] " eggert at gnu dot org
2005-08-26 6:07 ` eggert at gnu dot org
2005-09-06 20:26 ` drepper at redhat dot com
2005-09-06 20:52 ` drepper at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).