This is the mail archive of the glibc-cvs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

GNU C Library master sources branch gentoo/2.21 updated. glibc-2.21-26-gcd98dde

From: vapier at sourceware dot org
To: glibc-cvs at sourceware dot org
Date: 16 Feb 2016 18:59:43 -0000
Subject: GNU C Library master sources branch gentoo/2.21 updated. glibc-2.21-26-gcd98dde

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, gentoo/2.21 has been updated
       via  cd98ddec7bc83c8d590a07c786ec133aa63f60ba (commit)
      from  01367766b3a9962e5dd5fada7c667c4876be5ebf (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=cd98ddec7bc83c8d590a07c786ec133aa63f60ba

commit cd98ddec7bc83c8d590a07c786ec133aa63f60ba
Author: OndÅ?ej BÃlka <neleai@seznam.cz>
Date:   Sat Jul 11 17:44:10 2015 +0200

    Handle overflow in __hcreate_r
    
    Hi,
    
    As in bugzilla entry there is overflow in hsearch when looking for prime
    number as SIZE_MAX - 1 is divisible by 5. We fix that by rejecting large
    inputs before looking for prime.
    
    	* misc/hsearch_r.c (__hcreate_r): Handle overflow.
    
    (cherry picked from commit 2f5c1750558fe64bac361f52d6827ab1bcfe52bc)
    (cherry picked from commit 51e762570e41074a7d9be5b0ee8761f037fc6e68)

diff --git a/misc/hsearch_r.c b/misc/hsearch_r.c
index 3a7c526..8b368cb 100644
--- a/misc/hsearch_r.c
+++ b/misc/hsearch_r.c
@@ -19,7 +19,7 @@
 #include <errno.h>
 #include <malloc.h>
 #include <string.h>
-
+#include <stdint.h>
 #include <search.h>
 
 /* [Aho,Sethi,Ullman] Compilers: Principles, Techniques and Tools, 1986
@@ -73,6 +73,13 @@ hcreate_r (nel, htab)
       return 0;
     }
 
+  if (nel >= SIZE_MAX / sizeof (_ENTRY))
+    {
+      __set_errno (ENOMEM);
+      return 0;
+    }
+
+
   /* There is still another table active. Return with error. */
   if (htab->table != NULL)
     return 0;

-----------------------------------------------------------------------

Summary of changes:
 misc/hsearch_r.c |    9 ++++++++-
 1 files changed, 8 insertions(+), 1 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]