This is the mail archive of the glibc-bugs@sources.redhat.com mailing list for the glibc project.
[Bug libc/756] New: missing arithmetic overflow check
- From: "simon at josefsson dot org" <sourceware-bugzilla at sources dot redhat dot com>
- To: glibc-bugs at sources dot redhat dot com
- Date: 22 Feb 2005 19:52:47 -0000
- Subject: [Bug libc/756] New: missing arithmetic overflow check
- Reply-to: sourceware-bugzilla at sources dot redhat dot com
Thanks for installing iconvme!
I proposed to add the module to gnulib again, and another minor nit was spotted.
This patch fixes that.
Thanks.
2005-02-22 Simon Josefsson <jas@extundo.com>
* iconvme.c (iconv_string): Protect arithmetic overflow for
outbuf_size buffer size computation. From Paul Eggert
<eggert@CS.UCLA.EDU>.
Index: libidn/iconvme.c
===================================================================
RCS file: /cvs/glibc/libc/libidn/iconvme.c,v
retrieving revision 1.1
diff -u -p -r1.1 iconvme.c
--- libidn/iconvme.c 22 Feb 2005 01:24:52 -0000 1.1
+++ libidn/iconvme.c 22 Feb 2005 19:51:08 -0000
@@ -67,6 +67,12 @@ iconv_string (const char *str, const cha
size_t outbytes_remaining = outbuf_size - 1; /* -1 for NUL */
size_t err;
int have_error = 0;
+
+ if (1 < MB_LEN_MAX && SIZE_MAX / MB_LEN_MAX <= inbytes_remaining)
+ {
+ errno = ENOMEM;
+ return NULL;
+ }
#endif
if (strcmp (to_codeset, from_codeset) == 0)
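Review bot: the guard sits after the declaration block, where `outbytes_remaining` has already been initialized from `outbuf_size` (`size_t outbytes_remaining = outbuf_size - 1;`), so the size this check is meant to protect has already been computed, and possibly wrapped, before the test runs. That is only safe as long as nothing between the declarations and the guard uses those values; consider computing `outbuf_size` after the check, or add a comment saying the early initializers are deliberately left unchecked. The new statement is also inside the conditional block closed by `#endif` and ahead of the `strcmp (to_codeset, from_codeset) == 0` test, so long inputs are rejected with `ENOMEM` before that comparison is reached; if that branch does not need the enlarged buffer, the guard could move below it. A one-line comment naming the expression that `SIZE_MAX / MB_LEN_MAX <= inbytes_remaining` bounds would help readers, and since the hunk adds no includes, please confirm that `<errno.h>`, `<limits.h>` and the header providing `SIZE_MAX` are already pulled in.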
--
Summary: missing arithmetic overflow check
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: gotom at debian dot or dot jp
ReportedBy: simon at josefsson dot org
CC: glibc-bugs at sources dot redhat dot com
http://sources.redhat.com/bugzilla/show_bug.cgi?id=756