[patch] Fix BZ #18043 (comment #19)
Mike Frysinger
vapier@gentoo.org
Tue Mar 10 02:20:00 GMT 2015
On 09 Mar 2015 16:13, Paul Pluzhnikov wrote:
> Calling 'setenv(..., NULL, 1)' invokes undefined behavior.
>
> Unfortunately, wordexp() itself does it, triggering subsequent buffer overflow.
> See http://sourceware.org/bugzilla/show_bug.cgi?id=18043#c19.
>
> Attached trivial patch stops wordexp from doing that.
lgtm
-mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://sourceware.org/pipermail/libc-alpha/attachments/20150310/36f492ea/attachment.sig>
More information about the Libc-alpha
mailing list