This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug libc/24050] New: telldir missing truncation check
- From: "jsm28 at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Mon, 31 Dec 2018 11:25:36 +0000
- Subject: [Bug libc/24050] New: telldir missing truncation check
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=24050
Bug ID: 24050
Summary: telldir missing truncation check
Product: glibc
Version: 2.28
Status: NEW
Severity: normal
Priority: P2
Component: libc
Assignee: unassigned at sourceware dot org
Reporter: jsm28 at gcc dot gnu.org
CC: drepper.fsp at gmail dot com
Target Milestone: ---
sysdeps/posix/telldir.c converts an off_t value (dirp->filepos) to a long int
return value with no overflow check. On platforms where long int is smaller
than the default off_t (currently just x32, but will include RISC-V 32-bit in
future, given the intent that that will only support 64-bit times and thus will
only support 64-bit offsets), it should check for overflow in the conversion
and produce an EOVERFLOW error in that case. (This is related to but separate
from bug 23960; a kernel facility to request 32-bit offsets to avoid that bug
might avoid some overflows occurring, but only if such requests are made by
glibc in the configurations with 32-bit long, not just the configurations with
32-bit off_t.)
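The conversion the report describes, as an added example (not glibc's code and not part of the original message). The types `sim_off_t` and `sim_long_t` and the functions `tell_unchecked` and `tell_checked` are hypothetical stand-ins for a 64-bit off_t and a 32-bit long int, so the behaviour is the same on an LP64 host; the sample offsets are constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: stand-ins for an ABI such as x32, where long int is 32 bits
   and the default off_t is 64 bits. Fixed-width types make the example
   behave the same on an LP64 host. */
typedef int64_t sim_off_t;   /* plays the role of off_t (dirp->filepos) */
typedef int32_t sim_long_t;  /* plays the role of the long int return   */

/* Unchecked conversion: the high 32 bits are dropped silently, so two
   different directory positions can come back as the same value. */
static sim_long_t tell_unchecked(sim_off_t filepos)
{
    return (sim_long_t)(uint32_t)filepos;
}

/* Checked conversion: values that do not fit yield -1 with EOVERFLOW. */
static sim_long_t tell_checked(sim_off_t filepos)
{
    if (filepos < INT32_MIN || filepos > INT32_MAX) {
        errno = EOVERFLOW;
        return -1;
    }
    return (sim_long_t)filepos;
}

int main(void)
{
    /* Constructed sample offsets, not taken from a real directory. */
    const sim_off_t samples[] = { 5, INT32_MAX, 0x100000005LL,
                                  0x7fffffff00000000LL };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        errno = 0;
        sim_long_t checked = tell_checked(samples[i]);
        int err = errno;
        printf("filepos=%#llx unchecked=%ld checked=%ld%s\n",
               (unsigned long long)samples[i],
               (long)tell_unchecked(samples[i]), (long)checked,
               err == EOVERFLOW ? " (EOVERFLOW)" : "");
    }
    return 0;
}
```

Because -1 is also the error return, a caller of the checked form distinguishes the overflow case by clearing errno before the call and testing it afterwards.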