From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 111796 invoked by alias); 2 Jan 2019 16:10:43 -0000 Mailing-List: contact libc-stable-help@sourceware.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Subscribe: List-Archive: Sender: libc-stable-owner@sourceware.org Received: (qmail 110318 invoked by uid 89); 2 Jan 2019 16:10:40 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Checked: by ClamAV 0.100.2 on sourceware.org X-Virus-Found: No X-Spam-SWARE-Status: No, score=-26.9 required=5.0 tests=BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,SPF_HELO_PASS autolearn=ham version=3.3.2 spammy= X-Spam-Status: No, score=-26.9 required=5.0 tests=BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,SPF_HELO_PASS autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on sourceware.org X-Spam-Level: X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Wed, 02 Jan 2019 16:10:39 +0000 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 3E71B1065 for ; Wed, 2 Jan 2019 16:10:38 +0000 (UTC) Received: from oldenburg2.str.redhat.com (dhcp-192-219.str.redhat.com [10.33.192.219]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0DA9560123 for ; Wed, 2 Jan 2019 16:10:38 +0000 (UTC) Received: by oldenburg2.str.redhat.com (Postfix, from userid 1000) id 7DE548308991; Wed, 2 Jan 2019 17:10:36 +0100 (CET) Date: Tue, 01 Jan 2019 00:00:00 -0000 To: libc-stable@sourceware.org Subject: [2.28 COMMITTED] intl: Do not return NULL on asprintf failure in gettext [BZ #24018] User-Agent: Heirloom mailx 12.5 7/5/10 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-Id: <20190102161036.7DE548308991@oldenburg2.str.redhat.com> From: Florian Weimer X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Wed, 02 Jan 2019 16:10:38 +0000 (UTC) X-IsSubscribed: yes X-SW-Source: 2019-01/txt/msg00005.txt.bz2 Fixes commit 9695dd0c9309712ed8e9c17a7040fe7af347f2dc ("DCIGETTEXT: Use getcwd, asprintf to construct absolute pathname"). (cherry picked from commit 8c1aafc1f34d090a5b41dc527c33e8687f6a1287) 2019-01-02 Florian Weimer [BZ #24018] * intl/dcigettext.c (DCIGETTEXT): Do not return NULL on asprintf failure. diff --git a/NEWS b/NEWS index d350d4666a..865c075c82 100644 --- a/NEWS +++ b/NEWS @@ -28,6 +28,7 @@ The following bugs are resolved with this release: [23822] ia64 static libm.a is missing exp2f, log2f and powf symbols [23927] Linux if_nametoindex() does not close descriptor (CVE-2018-19591) [23972] __old_getdents64 uses wrong d_off value on overflow + [24018] gettext may return NULL [24027] malloc: Integer overflow in realloc Security related changes: diff --git a/intl/dcigettext.c b/intl/dcigettext.c index 2a50369948..25f47c5bd3 100644 --- a/intl/dcigettext.c +++ b/intl/dcigettext.c @@ -631,7 +631,7 @@ DCIGETTEXT (const char *domainname, const char *msgid1, const char *msgid2, int ret = __asprintf (&xdirname, "%s/%s", cwd, dirname); free (cwd); if (ret < 0) - return NULL; + goto return_untranslated; dirname = xdirname; } #ifndef IN_LIBGLOCALE