public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/14700] New: opendir: potential integer overflow
@ 2012-10-11 14:38 fweimer at redhat dot com
2012-10-11 14:41 ` [Bug libc/14700] " fweimer at redhat dot com
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: fweimer at redhat dot com @ 2012-10-11 14:38 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=14700
Bug #: 14700
Summary: opendir: potential integer overflow
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: unassigned@sourceware.org
ReportedBy: fweimer@redhat.com
CC: drepper.fsp@gmail.com
Classification: Unclassified
In __alloc_dir in sysdeps/posix/opendir.c, st_blksize can be a large value from
a source which is not necessarily trusted. Therefore, we should check that the
addition does not overflow and fall back to default_allocation in that case.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug libc/14700] opendir: potential integer overflow
2012-10-11 14:38 [Bug libc/14700] New: opendir: potential integer overflow fweimer at redhat dot com
@ 2012-10-11 14:41 ` fweimer at redhat dot com
2012-11-29 15:14 ` fweimer at redhat dot com
2014-06-25 6:45 ` fweimer at redhat dot com
2 siblings, 0 replies; 4+ messages in thread
From: fweimer at redhat dot com @ 2012-10-11 14:41 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=14700
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|unassigned at sourceware |fweimer at redhat dot com
|dot org |
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug libc/14700] opendir: potential integer overflow
2012-10-11 14:38 [Bug libc/14700] New: opendir: potential integer overflow fweimer at redhat dot com
2012-10-11 14:41 ` [Bug libc/14700] " fweimer at redhat dot com
@ 2012-11-29 15:14 ` fweimer at redhat dot com
2014-06-25 6:45 ` fweimer at redhat dot com
2 siblings, 0 replies; 4+ messages in thread
From: fweimer at redhat dot com @ 2012-11-29 15:14 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=14700
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
Target Milestone|--- |2.17
--- Comment #1 from Florian Weimer <fweimer at redhat dot com> 2012-11-29 15:14:20 UTC ---
Fixed in commit 172a631a1fc8ec8fcef80af1f91438d092957c3e.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Bug libc/14700] opendir: potential integer overflow
2012-10-11 14:38 [Bug libc/14700] New: opendir: potential integer overflow fweimer at redhat dot com
2012-10-11 14:41 ` [Bug libc/14700] " fweimer at redhat dot com
2012-11-29 15:14 ` fweimer at redhat dot com
@ 2014-06-25 6:45 ` fweimer at redhat dot com
2 siblings, 0 replies; 4+ messages in thread
From: fweimer at redhat dot com @ 2014-06-25 6:45 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=14700
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Flags| |security-
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-06-25 6:45 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-10-11 14:38 [Bug libc/14700] New: opendir: potential integer overflow fweimer at redhat dot com
2012-10-11 14:41 ` [Bug libc/14700] " fweimer at redhat dot com
2012-11-29 15:14 ` fweimer at redhat dot com
2014-06-25 6:45 ` fweimer at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).