This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
glibc segfault on "special" long double values is _ok_!?
- From: Jim Meyering <jim at meyering dot net>
- To: Andreas Schwab <schwab at suse dot de>
- Cc: Ulrich Drepper <drepper at redhat dot com>
- Cc: bug-gnulib at gnu dot org, libc-alpha at sourceware dot org
- Date: Wed, 06 Jun 2007 14:32:20 +0200
- Subject: glibc segfault on "special" long double values is _ok_!?
Hi Andreas,
Did you mean to close this bug as "resolved/invalid"?
printf crashes on some 'long double' values
http://sourceware.org/bugzilla/show_bug.cgi?id=4586
[BTW, it segfaults on i686 rawhide, even with no compiler options]
I'm interested, because I don't want my applications to segfault on such
inputs. Sure it may look a little far-fetched, but I think it's not.
Imagine such a bit pattern being injected into a network data stream
that is then printed as a long double. Just printing an arbitrary
"long double" should not make a server vulnerable to a DoS attack.
If glibc were to stay this way, I would feel obliged to make applications
I care about pull in the gnulib replacement printf infrastructure even
when my system provides the latest glibc. That would be a shame.
It may well be that the current glibc behavior is not prohibited by
any standard, but I think that "quality of implementation" concerns
(not to mention a desire for robustness and security) would dictate a
more manageable result.
Jim