This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/17048] posix_spawn_file_actions_addopen fails to copy the path argument
- From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Wed, 11 Jun 2014 21:18:40 +0000
- Subject: [Bug libc/17048] posix_spawn_file_actions_addopen fails to copy the path argument
- Auto-submitted: auto-generated
- References: <bug-17048-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=17048
--- Comment #1 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 89e435f3559c53084498e9baad22172b64429362 (commit)
from c3a2ebe1f7541cc35937621e08c28ff88afd0845 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=89e435f3559c53084498e9baad22172b64429362
commit 89e435f3559c53084498e9baad22172b64429362
Author: Florian Weimer <fweimer@redhat.com>
Date: Wed Jun 11 23:12:52 2014 +0200
posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)
POSIX requires that we make a copy, so we allocate a new string
and free it in posix_spawn_file_actions_destroy.
Reported by David Reid, Alex Gaynor, and Glyph Lefkowitz. This bug
may have security implications.
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 13 +++++++++++++
NEWS | 2 +-
posix/spawn_faction_addopen.c | 13 ++++++++++---
posix/spawn_faction_destroy.c | 22 ++++++++++++++++++++--
posix/spawn_int.h | 2 +-
posix/tst-spawn.c | 10 +++++++++-
6 files changed, 54 insertions(+), 8 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.