public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug stdio/18549] New: fmemopen getc allows segfault at EOF
@ 2015-06-17 11:25 quae at daurnimator dot com
2015-06-17 11:49 ` [Bug stdio/18549] " quae at daurnimator dot com
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: quae at daurnimator dot com @ 2015-06-17 11:25 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=18549
Bug ID: 18549
Summary: fmemopen getc allows segfault at EOF
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: stdio
Assignee: unassigned at sourceware dot org
Reporter: quae at daurnimator dot com
Target Milestone: ---
If you "getc" through an fmemopen'd FILE*, fwrite seems to be able to write
past EOF; which will cause a segfault on fclose.
#define _GNU_SOURCE
#include <stdio.h> /* fmemopen */
int main() {
FILE *f = fmemopen(NULL, 100, "w+b");
if (!f) return (perror("fmemopen"), 1);
/* read until EOF */
int c;
while ((c = getc(f)) != EOF) { }
/* write something */
printf("Write %d bytes.\n", fwrite("asd", 3, 1, f));
/* fclose segfaults for me */
fclose(f);
return 0;
}
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug stdio/18549] fmemopen getc allows segfault at EOF
2015-06-17 11:25 [Bug stdio/18549] New: fmemopen getc allows segfault at EOF quae at daurnimator dot com
@ 2015-06-17 11:49 ` quae at daurnimator dot com
2015-06-25 13:56 ` cvs-commit at gcc dot gnu.org
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: quae at daurnimator dot com @ 2015-06-17 11:49 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=18549
daurnimator <quae at daurnimator dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |quae at daurnimator dot com
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug stdio/18549] fmemopen getc allows segfault at EOF
2015-06-17 11:25 [Bug stdio/18549] New: fmemopen getc allows segfault at EOF quae at daurnimator dot com
2015-06-17 11:49 ` [Bug stdio/18549] " quae at daurnimator dot com
@ 2015-06-25 13:56 ` cvs-commit at gcc dot gnu.org
2015-06-25 13:57 ` schwab@linux-m68k.org
2015-06-26 1:22 ` quae at daurnimator dot com
3 siblings, 0 replies; 5+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2015-06-25 13:56 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=18549
--- Comment #1 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 7c2ce714d4e853aadbec13b920576fdfada520f1 (commit)
from cc08749b2d1c68284b25b157fbbe1ff219495cae (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7c2ce714d4e853aadbec13b920576fdfada520f1
commit 7c2ce714d4e853aadbec13b920576fdfada520f1
Author: Andreas Schwab <schwab@suse.de>
Date: Thu Jun 25 11:53:06 2015 +0200
Fix buffer overflow for writes to memory buffer stream (bug 18549)
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 6 ++++++
NEWS | 3 ++-
libio/fmemopen.c | 2 +-
libio/test-fmemopen.c | 13 +++++++++++--
4 files changed, 20 insertions(+), 4 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug stdio/18549] fmemopen getc allows segfault at EOF
2015-06-17 11:25 [Bug stdio/18549] New: fmemopen getc allows segfault at EOF quae at daurnimator dot com
2015-06-17 11:49 ` [Bug stdio/18549] " quae at daurnimator dot com
2015-06-25 13:56 ` cvs-commit at gcc dot gnu.org
@ 2015-06-25 13:57 ` schwab@linux-m68k.org
2015-06-26 1:22 ` quae at daurnimator dot com
3 siblings, 0 replies; 5+ messages in thread
From: schwab@linux-m68k.org @ 2015-06-25 13:57 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=18549
Andreas Schwab <schwab@linux-m68k.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
Target Milestone|--- |2.22
--- Comment #2 from Andreas Schwab <schwab@linux-m68k.org> ---
Fixed for 2.22.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug stdio/18549] fmemopen getc allows segfault at EOF
2015-06-17 11:25 [Bug stdio/18549] New: fmemopen getc allows segfault at EOF quae at daurnimator dot com
` (2 preceding siblings ...)
2015-06-25 13:57 ` schwab@linux-m68k.org
@ 2015-06-26 1:22 ` quae at daurnimator dot com
3 siblings, 0 replies; 5+ messages in thread
From: quae at daurnimator dot com @ 2015-06-26 1:22 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=18549
--- Comment #3 from daurnimator <quae at daurnimator dot com> ---
Thanks!
Quickest turn around I've had on one of my glibc bugs :P
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-06-26 1:22 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-06-17 11:25 [Bug stdio/18549] New: fmemopen getc allows segfault at EOF quae at daurnimator dot com
2015-06-17 11:49 ` [Bug stdio/18549] " quae at daurnimator dot com
2015-06-25 13:56 ` cvs-commit at gcc dot gnu.org
2015-06-25 13:57 ` schwab@linux-m68k.org
2015-06-26 1:22 ` quae at daurnimator dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).