public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/16038] New: A very large alignment value causes memalign/posix_memalign to loop forever
@ 2013-10-10 7:54 will.newton at gmail dot com
2013-10-10 7:55 ` [Bug libc/16038] " will.newton at gmail dot com
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: will.newton at gmail dot com @ 2013-10-10 7:54 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16038
Bug ID: 16038
Summary: A very large alignment value causes
memalign/posix_memalign to loop forever
Product: glibc
Version: 2.18
Status: NEW
Severity: normal
Priority: P2
Component: libc
Assignee: unassigned at sourceware dot org
Reporter: will.newton at gmail dot com
CC: drepper.fsp at gmail dot com
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug libc/16038] A very large alignment value causes memalign/posix_memalign to loop forever
2013-10-10 7:54 [Bug libc/16038] New: A very large alignment value causes memalign/posix_memalign to loop forever will.newton at gmail dot com
@ 2013-10-10 7:55 ` will.newton at gmail dot com
2013-10-30 21:46 ` cvs-commit at gcc dot gnu.org
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: will.newton at gmail dot com @ 2013-10-10 7:55 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16038
--- Comment #1 from Will Newton <will.newton at gmail dot com> ---
Passing a very large value for the alignment parameter of
memalign/posix_memalign causes _int_memalign to enter an infinite loop, e.g.:
memalign(-1, 0x1000);
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug libc/16038] A very large alignment value causes memalign/posix_memalign to loop forever
2013-10-10 7:54 [Bug libc/16038] New: A very large alignment value causes memalign/posix_memalign to loop forever will.newton at gmail dot com
2013-10-10 7:55 ` [Bug libc/16038] " will.newton at gmail dot com
@ 2013-10-30 21:46 ` cvs-commit at gcc dot gnu.org
2013-10-30 21:53 ` will.newton at gmail dot com
2014-06-13 12:40 ` fweimer at redhat dot com
3 siblings, 0 replies; 5+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2013-10-30 21:46 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=16038
--- Comment #2 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
via a56ee40b176d0a3f47f2a7eb75208f2e3763c9fd (commit)
from c6e4925d4069d38843c02994ffd284e8c87c8929 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a56ee40b176d0a3f47f2a7eb75208f2e3763c9fd
commit a56ee40b176d0a3f47f2a7eb75208f2e3763c9fd
Author: Will Newton <will.newton@linaro.org>
Date: Thu Oct 10 13:17:13 2013 +0100
malloc: Fix for infinite loop in memalign/posix_memalign.
A very large alignment argument passed to mealign/posix_memalign
causes _int_memalign to enter an infinite loop. Limit the maximum
alignment value to the maximum representable power of two to
prevent this from happening.
Changelog:
2013-10-30 Will Newton <will.newton@linaro.org>
[BZ #16038]
* malloc/hooks.c (memalign_check): Limit alignment to the
maximum representable power of two.
* malloc/malloc.c (__libc_memalign): Likewise.
* malloc/tst-memalign.c (do_test): Add test for very
large alignment values.
* malloc/tst-posix_memalign.c (do_test): Likewise.
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 10 ++++++++++
malloc/hooks.c | 8 ++++++++
malloc/malloc.c | 8 ++++++++
malloc/tst-memalign.c | 15 +++++++++++++++
malloc/tst-posix_memalign.c | 10 ++++++++++
5 files changed, 51 insertions(+), 0 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug libc/16038] A very large alignment value causes memalign/posix_memalign to loop forever
2013-10-10 7:54 [Bug libc/16038] New: A very large alignment value causes memalign/posix_memalign to loop forever will.newton at gmail dot com
2013-10-10 7:55 ` [Bug libc/16038] " will.newton at gmail dot com
2013-10-30 21:46 ` cvs-commit at gcc dot gnu.org
@ 2013-10-30 21:53 ` will.newton at gmail dot com
2014-06-13 12:40 ` fweimer at redhat dot com
3 siblings, 0 replies; 5+ messages in thread
From: will.newton at gmail dot com @ 2013-10-30 21:53 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16038
Will Newton <will.newton at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #3 from Will Newton <will.newton at gmail dot com> ---
Fixed in a56ee40b176d0a3f47f2a7eb75208f2e3763c9fd.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug libc/16038] A very large alignment value causes memalign/posix_memalign to loop forever
2013-10-10 7:54 [Bug libc/16038] New: A very large alignment value causes memalign/posix_memalign to loop forever will.newton at gmail dot com
` (2 preceding siblings ...)
2013-10-30 21:53 ` will.newton at gmail dot com
@ 2014-06-13 12:40 ` fweimer at redhat dot com
3 siblings, 0 replies; 5+ messages in thread
From: fweimer at redhat dot com @ 2014-06-13 12:40 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16038
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Flags| |security-
--- Comment #4 from Florian Weimer <fweimer at redhat dot com> ---
The alignment should come from a trusted source, so this does not cross a trust
boundary and is not a security vulnerability.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2014-06-13 12:40 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-10-10 7:54 [Bug libc/16038] New: A very large alignment value causes memalign/posix_memalign to loop forever will.newton at gmail dot com
2013-10-10 7:55 ` [Bug libc/16038] " will.newton at gmail dot com
2013-10-30 21:46 ` cvs-commit at gcc dot gnu.org
2013-10-30 21:53 ` will.newton at gmail dot com
2014-06-13 12:40 ` fweimer at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).