public inbox for glibc-bugs@sourceware.org
* [Bug stdio/17916] New: fopen unbounded stack usage for ccs= modes
@ 2015-02-02 16:27 jsm28 at gcc dot gnu.org
From: jsm28 at gcc dot gnu.org @ 2015-02-02 16:27 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=17916

            Bug ID: 17916
           Summary: fopen unbounded stack usage for ccs= modes
           Product: glibc
           Version: 2.21
            Status: NEW
          Severity: normal
          Priority: P2
         Component: stdio
          Assignee: unassigned at sourceware dot org
          Reporter: jsm28 at gcc dot gnu.org

When the ",ccs=" notation is used with fopen to specify a character set
conversion, a copy of the character set name is made on the stack with no
bounds on the stack allocation: (from libio/fileops.c)

          char *endp = __strchrnul (cs + 5, ',');
          char ccs[endp - (cs + 5) + 3];

          *((char *) __mempcpy (ccs, cs + 5, endp - (cs + 5))) = '\0';

-- 
You are receiving this mail because:
You are on the CC list for the bug.
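
The allocation pattern described in the report above, as an added example that is not part of the original thread and is not glibc's code or its committed fix: `ccs_vla_bytes` computes how many stack bytes the quoted VLA would request for a given mode string, and `ccs_copy_bounded` shows one bounded alternative. The function names and the `CCS_NAME_MAX` limit are assumptions made for this example.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical cap chosen for this example; not a glibc constant. */
#define CCS_NAME_MAX 64

/* Locate the name after ",ccs=" and store its length up to the next ','
   or the end of the string. Returns NULL if the mode has no ",ccs=". */
static const char *ccs_name(const char *mode, size_t *len)
{
    const char *cs = strstr(mode, ",ccs=");
    if (cs == NULL)
        return NULL;
    *len = strcspn(cs + 5, ",");   /* portable stand-in for __strchrnul */
    return cs + 5;
}

/* Bytes the quoted VLA `char ccs[endp - (cs + 5) + 3]` would take from the
   stack for this mode string: the size grows with the caller-supplied name. */
size_t ccs_vla_bytes(const char *mode)
{
    size_t len;
    return ccs_name(mode, &len) ? len + 3 : 0;
}

/* Bounded variant: reject over-long names, copy to the heap, and report
   allocation failure to the caller. Returns NULL when there is no name,
   the name is empty or longer than CCS_NAME_MAX, or malloc fails.
   The caller frees the result. */
char *ccs_copy_bounded(const char *mode)
{
    size_t len;
    const char *name = ccs_name(mode, &len);
    if (name == NULL || len == 0 || len > CCS_NAME_MAX)
        return NULL;
    char *ccs = malloc(len + 3);   /* same size expression as the snippet */
    if (ccs == NULL)
        return NULL;
    memcpy(ccs, name, len);
    ccs[len] = '\0';
    return ccs;
}
```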



* [Bug stdio/17916] fopen unbounded stack usage for ccs= modes
From: fweimer at redhat dot com @ 2015-02-06  9:26 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=17916

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fweimer at redhat dot com


* [Bug stdio/17916] fopen unbounded stack usage for ccs= modes
From: fweimer at redhat dot com @ 2015-02-18 13:31 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=17916

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |security?


* [Bug stdio/17916] fopen unbounded stack usage for ccs= modes
From: ppluzhnikov at google dot com @ 2015-02-22 20:10 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=17916

Paul Pluzhnikov <ppluzhnikov at google dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ppluzhnikov at google dot com
           Assignee|unassigned at sourceware dot org   |ppluzhnikov at google dot com


* [Bug stdio/17916] fopen unbounded stack usage for ccs= modes
From: cvs-commit at gcc dot gnu.org @ 2015-02-24 16:07 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=17916

--- Comment #1 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  6909d2767580b680138a6aa49aabf4976770e9f6 (commit)
      from  65f6f938cd562a614a68e15d0581a34b177ec29d (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6909d2767580b680138a6aa49aabf4976770e9f6

commit 6909d2767580b680138a6aa49aabf4976770e9f6
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
Date:   Tue Feb 24 08:05:34 2015 -0800

    Fix BZ #17916 - fopen unbounded stack usage for ccs= modes

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog            |    6 ++++++
 NEWS                 |    4 ++--
 libio/fileops.c      |   13 ++++++++++++-
 libio/tst-fopenloc.c |   28 +++++++++++++++++++++++++++-
 4 files changed, 47 insertions(+), 4 deletions(-)


* [Bug stdio/17916] fopen unbounded stack usage for ccs= modes
From: ppluzhnikov at google dot com @ 2015-02-24 16:10 UTC (permalink / raw)
  To: glibc-bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=17916

Paul Pluzhnikov <ppluzhnikov at google dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #2 from Paul Pluzhnikov <ppluzhnikov at google dot com> ---
Fixed by 6909d2767580b680138a6aa49aabf4976770e9f6
