* [PATCH] libio: Avoid ptrdiff_t overflow in IO_validate_vtable
@ 2018-06-19 11:55 Florian Weimer
2018-06-19 12:05 ` Andreas Schwab
0 siblings, 1 reply; 2+ messages in thread
From: Florian Weimer @ 2018-06-19 11:55 UTC (permalink / raw)
To: libc-alpha
If the candidate pointer is sufficiently far away from
__start___libc_IO_vtables, the result might not fit into ptrdiff_t.
2018-06-19 Florian Weimer <fweimer@redhat.com>
* libio/libioP.h (IO_validate_vtable): Avoid ptrdiff_t overflow.
diff --git a/libio/libioP.h b/libio/libioP.h
index 8afe7032e3..df2633d858 100644
--- a/libio/libioP.h
+++ b/libio/libioP.h
@@ -830,8 +830,8 @@ IO_validate_vtable (const struct _IO_jump_t *vtable)
/* Fast path: The vtable pointer is within the __libc_IO_vtables
section. */
uintptr_t section_length = __stop___libc_IO_vtables - __start___libc_IO_vtables;
- const char *ptr = (const char *) vtable;
- uintptr_t offset = ptr - __start___libc_IO_vtables;
+ uintptr_t ptr = (uintptr_t) vtable;
+ uintptr_t offset = ptr - (uintptr_t) __start___libc_IO_vtables;
if (__glibc_unlikely (offset >= section_length))
/* The vtable pointer is not in the expected section. Use the
slow path, which will terminate the process if necessary. */
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] libio: Avoid ptrdiff_t overflow in IO_validate_vtable
2018-06-19 11:55 [PATCH] libio: Avoid ptrdiff_t overflow in IO_validate_vtable Florian Weimer
@ 2018-06-19 12:05 ` Andreas Schwab
0 siblings, 0 replies; 2+ messages in thread
From: Andreas Schwab @ 2018-06-19 12:05 UTC (permalink / raw)
To: Florian Weimer; +Cc: libc-alpha
On Jun 19 2018, Florian Weimer <fw@deneb.enyo.de> wrote:
> * libio/libioP.h (IO_validate_vtable): Avoid ptrdiff_t overflow.
Ok.
Andreas.
--
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2018-06-19 12:05 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-06-19 11:55 [PATCH] libio: Avoid ptrdiff_t overflow in IO_validate_vtable Florian Weimer
2018-06-19 12:05 ` Andreas Schwab
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).