This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/13506] tzfile.c heap overrun/corruption
- From: "eggert at gnu dot org" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: Thu, 15 Dec 2011 21:00:49 +0000
- Subject: [Bug libc/13506] tzfile.c heap overrun/corruption
- Auto-submitted: auto-generated
- References: <bug-13506-131@http.sourceware.org/bugzilla/>
http://sourceware.org/bugzilla/show_bug.cgi?id=13506
Paul Eggert <eggert at gnu dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #6113|0 |1
is obsolete| |
--- Comment #1 from Paul Eggert <eggert at gnu dot org> 2011-12-15 21:00:49 UTC ---
Created attachment 6114
--> http://sourceware.org/bugzilla/attachment.cgi?id=6114
catch multiplication as well as addition overflows
Jeff Law's work-in-progress patch misses some problematic overflows. This is
because the integer multiplications may overflow too. Attached is an
untested patch that catches the problematic overflows that I found
by inspection. This patch does not attempt to catch all overflows, only
those that might corrupt memory.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.