This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug libc/14700] New: opendir: potential integer overflow

From: "fweimer at redhat dot com" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sources dot redhat dot com
Date: Thu, 11 Oct 2012 14:37:52 +0000
Subject: [Bug libc/14700] New: opendir: potential integer overflow
Auto-submitted: auto-generated

http://sourceware.org/bugzilla/show_bug.cgi?id=14700

             Bug #: 14700
           Summary: opendir: potential integer overflow
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: unassigned@sourceware.org
        ReportedBy: fweimer@redhat.com
                CC: drepper.fsp@gmail.com
    Classification: Unclassified


In __alloc_dir in sysdeps/posix/opendir.c, st_blksize can be a large value from
a source which is not necessarily trusted.  Therefore, we should check that the
addition does not overflow and fall back to default_allocation in that case.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Follow-Ups:
- [Bug libc/14700] opendir: potential integer overflow
  - From: fweimer at redhat dot com

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]