[Bug libc/14700] New: opendir: potential integer overflow

public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug libc/14700] New: opendir: potential integer overflow
@ 2012-10-11 14:38 fweimer at redhat dot com
  2012-10-11 14:41 ` [Bug libc/14700] " fweimer at redhat dot com
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: fweimer at redhat dot com @ 2012-10-11 14:38 UTC (permalink / raw)
  To: glibc-bugs


http://sourceware.org/bugzilla/show_bug.cgi?id=14700

             Bug #: 14700
           Summary: opendir: potential integer overflow
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: unassigned@sourceware.org
        ReportedBy: fweimer@redhat.com
                CC: drepper.fsp@gmail.com
    Classification: Unclassified


In __alloc_dir in sysdeps/posix/opendir.c, st_blksize can be a large value from
a source which is not necessarily trusted.  Therefore, we should check that the
addition does not overflow and fall back to default_allocation in that case.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug libc/14700] opendir: potential integer overflow
  2012-10-11 14:38 [Bug libc/14700] New: opendir: potential integer overflow fweimer at redhat dot com
@ 2012-10-11 14:41 ` fweimer at redhat dot com
  2012-11-29 15:14 ` fweimer at redhat dot com
  2014-06-25  6:45 ` fweimer at redhat dot com
  2 siblings, 0 replies; 4+ messages in thread
From: fweimer at redhat dot com @ 2012-10-11 14:41 UTC (permalink / raw)
  To: glibc-bugs


http://sourceware.org/bugzilla/show_bug.cgi?id=14700

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         AssignedTo|unassigned at sourceware    |fweimer at redhat dot com
                   |dot org                     |

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug libc/14700] opendir: potential integer overflow
  2012-10-11 14:38 [Bug libc/14700] New: opendir: potential integer overflow fweimer at redhat dot com
  2012-10-11 14:41 ` [Bug libc/14700] " fweimer at redhat dot com
@ 2012-11-29 15:14 ` fweimer at redhat dot com
  2014-06-25  6:45 ` fweimer at redhat dot com
  2 siblings, 0 replies; 4+ messages in thread
From: fweimer at redhat dot com @ 2012-11-29 15:14 UTC (permalink / raw)
  To: glibc-bugs

http://sourceware.org/bugzilla/show_bug.cgi?id=14700

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED
   Target Milestone|---                         |2.17

--- Comment #1 from Florian Weimer <fweimer at redhat dot com> 2012-11-29 15:14:20 UTC ---
Fixed in commit 172a631a1fc8ec8fcef80af1f91438d092957c3e.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug libc/14700] opendir: potential integer overflow
  2012-10-11 14:38 [Bug libc/14700] New: opendir: potential integer overflow fweimer at redhat dot com
  2012-10-11 14:41 ` [Bug libc/14700] " fweimer at redhat dot com
  2012-11-29 15:14 ` fweimer at redhat dot com
@ 2014-06-25  6:45 ` fweimer at redhat dot com
  2 siblings, 0 replies; 4+ messages in thread
From: fweimer at redhat dot com @ 2014-06-25  6:45 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=14700

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |security-

-- 
You are receiving this mail because:
You are on the CC list for the bug.


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2014-06-25  6:45 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-10-11 14:38 [Bug libc/14700] New: opendir: potential integer overflow fweimer at redhat dot com
2012-10-11 14:41 ` [Bug libc/14700] " fweimer at redhat dot com
2012-11-29 15:14 ` fweimer at redhat dot com
2014-06-25  6:45 ` fweimer at redhat dot com

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).