This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug stdio/19165] fread overflow
- From: "bugdal at aerifal dot cx" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Fri, 23 Oct 2015 07:41:10 +0000
- Subject: [Bug stdio/19165] fread overflow
- Auto-submitted: auto-generated
- References: <bug-19165-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=19165
Rich Felker <bugdal at aerifal dot cx> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |bugdal at aerifal dot cx
--- Comment #2 from Rich Felker <bugdal at aerifal dot cx> ---
If your interpretation is that the dest pointer passed in must point to ab
object of size size*nmemb, this is a non-issue. However perhaps it's valid to
pass a size larger than any possible object if you know the read will hit eof
before overflowing the buffer. In that case fortify almost surely mishandles
this, too...
--
You are receiving this mail because:
You are on the CC list for the bug.