This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/14547] strcoll integer / buffer overflow
- From: "mancha1 at hush dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Fri, 25 Oct 2013 13:17:48 +0000
- Subject: [Bug libc/14547] strcoll integer / buffer overflow
- Auto-submitted: auto-generated
- References: <bug-14547-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=14547
--- Comment #9 from mancha <mancha1 at hush dot com> ---
(In reply to mancha from comment #8)
> Hello. I applied Siddhesh's three patches (2 CVE fixes + strcoll
> refactoring) and the PoCs no longer trigger overflows.
>
> What is a reasonable runtime to expect on those PoCs post-patch?
>
> I ask because last night I left Joseph's code running on a ~2.3GHz Intel and
> it was still going this morning [was in seq_next_seq_nocache()].
>
> Thanks!
get_next_seq_nocache() that is.
--
You are receiving this mail because:
You are on the CC list for the bug.