From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pengyu.ut@gmail.com>
Received: from mail-il1-x129.google.com (mail-il1-x129.google.com
 [IPv6:2607:f8b0:4864:20::129])
 by sourceware.org (Postfix) with ESMTPS id 25CD73858001
 for <libc-help@sourceware.org>; Thu, 25 Mar 2021 20:35:45 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 25CD73858001
Received: by mail-il1-x129.google.com with SMTP id t6so3224666ilp.11
 for <libc-help@sourceware.org>; Thu, 25 Mar 2021 13:35:45 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
 bh=h93IzJFcTWljC14+zvNpA20jTxpTt6mpjXuwhxdLLmA=;
 b=XPjHw6b4ztNaqrzkb5fXYqCwE04yv2W4E0f+o4o9YGd9XQjdmwWRJg6gyJjFUO6lBb
 hulbTnhCL3CC9lND1SLmmrvDEjLMfxcrPCDX1QFZCn7wkD7Nxi2NFP/KkPnih7+tfnub
 SJZMLFgvufXXaegq96H/6P76jAGtugWefHkeuy8CU5yH5WZpHaDQrFT0HLlrD2YLFJFV
 /AbbEtJwxld0sddxXRGkhSD3pUNSvViOwnK+hOgP0SMmwWpYyAeos31w4oobH/EAdQT8
 P7RQqug+OfLfuvJQ4ciS2OcTGuO/1QJSRX9QjliT9i4nF4UnR9+KZxwCHzPBHTGPeSD1
 dHUQ==
X-Gm-Message-State: AOAM532zFlUC/C+guc9ZgGR+UqKz1mNQtOkZoO6gnhwctNqPWghawQiI
 zIJ8yhYnZs80t+cd896BXzuSy7PomgAaKRFwRQiP+S8IUcU=
X-Google-Smtp-Source: ABdhPJyrTLYruKNrS0pjTwSkspzk2rZdYM+LGpCpL1YFqz4Yx3MEC+wfoEDK4yP+0FwOyCsGjLDpJShcnVY5GW1pYYM=
X-Received: by 2002:a92:c24c:: with SMTP id k12mr8234202ilo.282.1616704544470; 
 Thu, 25 Mar 2021 13:35:44 -0700 (PDT)
MIME-Version: 1.0
From: Peng Yu <pengyu.ut@gmail.com>
Date: Thu, 25 Mar 2021 15:35:33 -0500
Message-ID: <CABrM6wmvZivW6sF2zNwY_BizSaqXf_ECFisAqFtgVoZUxa=5UA@mail.gmail.com>
Subject: How to find the original code that causes a CVE?
To: libc-help <libc-help@sourceware.org>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM,
 PDS_TONAME_EQ_TOLOCAL_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=no autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: libc-help@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-help mailing list <libc-help.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-help>,
 <mailto:libc-help-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-help/>
List-Help: <mailto:libc-help-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-help>,
 <mailto:libc-help-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 20:35:46 -0000

Hi,

https://www.cvedetails.com/cve/CVE-2017-16997/

I see this CVE for glibc. But it is not clear how to look up which
line of the source code causes this vulnerability. Could anybody show
me how to look this up?

-- 
Regards,
Peng