This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472)

--- Comment #2 from cvs-commit at gcc dot <cvs-commit at gcc dot> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06 (commit)
      from  04cb913ddf67ac90da274dd32b6ceafd57ca36ca (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06

commit 5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
Author: Paul Pluzhnikov <>
Date:   Fri Feb 6 00:30:42 2015 -0500

    CVE-2015-1472: wscanf allocates too little memory

    BZ #16618

    Under certain conditions wscanf can allocate too little memory for the
    to-be-scanned arguments and overflow the allocated buffer.  The
    implementation now correctly computes the required buffer size when
    using malloc.

    A regression test was added to tst-sscanf.


Summary of changes:
 ChangeLog                 |    8 ++++++++
 NEWS                      |   24 +++++++++++++++---------
 stdio-common/tst-sscanf.c |   33 +++++++++++++++++++++++++++++++++
 stdio-common/vfscanf.c    |   12 ++++++------
 4 files changed, 62 insertions(+), 15 deletions(-)

You are receiving this mail because:
You are on the CC list for the bug.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]