This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug libc/13506] tzfile.c heap overrun/corruption


http://sourceware.org/bugzilla/show_bug.cgi?id=13506

Paul Eggert <eggert at gnu dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #6113|0                           |1
        is obsolete|                            |

--- Comment #1 from Paul Eggert <eggert at gnu dot org> 2011-12-15 21:00:49 UTC ---
Created attachment 6114
  --> http://sourceware.org/bugzilla/attachment.cgi?id=6114
catch multiplication as well as addition overflows

Jeff Law's work-in-progress patch misses some problematic overflows.  This is
because the integer multiplications may overflow too.  Attached is an
untested patch that catches the problematic overflows that I found
by inspection.  This patch does not attempt to catch all overflows, only
those that might corrupt memory.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]