This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH] posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)


On 12/06/14 07:18, Florian Weimer wrote:
> On 06/11/2014 11:01 PM, Roland McGrath wrote:
>> This looks fine to me except for some trivia.
> 
> Thanks, committed with the suggested changes.
> 

We normally add a news item for fixed CVEs.  How does this sound?

* CVE-2014-4043 The posix_spawn_file_actions_addopen implementation did not
  copy the path argument. This allowed programs to trigger use-after-free
  bugs or other situations where the path is mutated. (Bugzilla #17048).


Allan
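
A regression check for the behaviour the proposed NEWS entry describes, added here as an example (it is not part of the original message or of glibc's own tests): it registers an open action, overwrites the caller's path buffer, then spawns a child and reports whether the child still opened the original file. The function name `addopen_copies_path`, the temporary file name under `/tmp` and the use of `/bin/sh` as the child are assumptions.

```c
#include <fcntl.h>
#include <spawn.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

/* Returns 1 if the child opened the path as it was when addopen was called,
   0 if it saw the caller's later change (or spawning failed), -1 on setup error. */
int addopen_copies_path(void)
{
    char good[64];                      /* constructed sample path */
    snprintf(good, sizeof good, "/tmp/addopen_check_%ld", (long)getpid());
    int fd = open(good, O_CREAT | O_EXCL | O_WRONLY, 0600);
    if (fd < 0)
        return -1;
    close(fd);
    char *path = malloc(sizeof good);
    posix_spawn_file_actions_t fa;
    if (path == NULL || posix_spawn_file_actions_init(&fa) != 0) {
        free(path);
        unlink(good);
        return -1;
    }
    strcpy(path, good);

    /* Ask for the child's stdin to be opened from `path`. */
    int rc = posix_spawn_file_actions_addopen(&fa, 0, path, O_RDONLY, 0);
    /* The caller now reuses its buffer, as ordinary code may do. */
    strcpy(path, "/nonexistent/addopen_check");
    pid_t pid;
    int status = -1;
    char *argv[] = { "sh", "-c", "exit 0", NULL };
    if (rc == 0)
        rc = posix_spawn(&pid, "/bin/sh", &fa, NULL, argv, environ);
    if (rc == 0 && waitpid(pid, &status, 0) != pid)
        status = -1;
    posix_spawn_file_actions_destroy(&fa);
    free(path);
    unlink(good);
    /* A failed open surfaces as a spawn error or as child exit status 127. */
    return rc == 0 && WIFEXITED(status) && WEXITSTATUS(status) == 0;
}

int main(void) { return addopen_copies_path() == 1 ? 0 : 1; }
```

The buffer is only overwritten before the spawn and freed afterwards, so the check stays well-defined even on a libc that keeps the caller's pointer.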

