From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 769 invoked by alias); 11 Oct 2012 14:38:56 -0000 Received: (qmail 30349 invoked by uid 48); 11 Oct 2012 14:37:56 -0000 From: "fweimer at redhat dot com" To: glibc-bugs@sources.redhat.com Subject: [Bug libc/14700] New: opendir: potential integer overflow Date: Thu, 11 Oct 2012 14:38:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: libc X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: fweimer at redhat dot com X-Bugzilla-Status: NEW X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: unassigned at sourceware dot org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Changed-Fields: Message-ID: X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated Content-Type: text/plain; charset="UTF-8" MIME-Version: 1.0 Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: glibc-bugs-owner@sourceware.org X-SW-Source: 2012-10/txt/msg00128.txt.bz2 http://sourceware.org/bugzilla/show_bug.cgi?id=14700 Bug #: 14700 Summary: opendir: potential integer overflow Product: glibc Version: unspecified Status: NEW Severity: normal Priority: P2 Component: libc AssignedTo: unassigned@sourceware.org ReportedBy: fweimer@redhat.com CC: drepper.fsp@gmail.com Classification: Unclassified In __alloc_dir in sysdeps/posix/opendir.c, st_blksize can be a large value from a source which is not necessarily trusted. Therefore, we should check that the addition does not overflow and fall back to default_allocation in that case. -- Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.