This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [patch] Fix out-of-bounds access in _dl_show_auxv()
On Fri, Apr 27, 2012 at 3:15 PM, Marek Polacek <polacek@redhat.com> wrote:
>> In _dl_show_auxv(), when handling unknown a_type values, auxvars[] could
>> be accessed out of bounds and cause a crash.
>
> Would you have a testcase?
I do, but the testcase involves a custom kernel that passes in an unknown
to glibc a_type == AT_GOOGLE_..., which is large enough to cause a crash.
--
Paul Pluzhnikov