public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug hurd/10265] heap overflow condition in stdlib/canonicalize.c
[not found] <bug-10265-131@http.sourceware.org/bugzilla/>
@ 2013-10-12 19:18 ` neleai at seznam dot cz
2014-07-01 16:38 ` fweimer at redhat dot com
1 sibling, 0 replies; 2+ messages in thread
From: neleai at seznam dot cz @ 2013-10-12 19:18 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=10265
Ondrej Bilka <neleai at seznam dot cz> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |neleai at seznam dot cz
Resolution|--- |INVALID
--- Comment #1 from Ondrej Bilka <neleai at seznam dot cz> ---
> The following code in stdlib/canonicalize.c hardcodes path_max to 1024 for
> systems that don't have any limit (such as GNU/Hurd):
>
> This will result in heap overflows if the canonicalized path expands to
> something longer than 1024.
This does not make sense. It shares logic with systems where path_max is
defined where overexpansion should be handled correctly.
If you want to show that there is overflow condition write a program where
valgrind will report a invalid write or returns path longer than 1024 bytes.
Until that closing.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 2+ messages in thread
* [Bug hurd/10265] heap overflow condition in stdlib/canonicalize.c
[not found] <bug-10265-131@http.sourceware.org/bugzilla/>
2013-10-12 19:18 ` [Bug hurd/10265] heap overflow condition in stdlib/canonicalize.c neleai at seznam dot cz
@ 2014-07-01 16:38 ` fweimer at redhat dot com
1 sibling, 0 replies; 2+ messages in thread
From: fweimer at redhat dot com @ 2014-07-01 16:38 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=10265
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Flags| |security-
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-07-01 16:38 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <bug-10265-131@http.sourceware.org/bugzilla/>
2013-10-12 19:18 ` [Bug hurd/10265] heap overflow condition in stdlib/canonicalize.c neleai at seznam dot cz
2014-07-01 16:38 ` fweimer at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).