This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH] __gconv_translit_find: Actually append ".so" to module name [BZ #17187]
- From: Roland McGrath <roland at hack dot frob dot com>
- To: Florian Weimer <fweimer at redhat dot com>
- Cc: GNU C Library <libc-alpha at sourceware dot org>
- Cc: taviso at google dot com
- Date: Mon, 28 Jul 2014 16:02:21 -0700 (PDT)
- Subject: Re: [PATCH] __gconv_translit_find: Actually append ".so" to module name [BZ #17187]
- Authentication-results: sourceware.org; auth=none
- References: <53CD0F15 dot 3030806 at redhat dot com>

The original reporter (Tavis) considers this a security issue. I don't see
anything in bugzilla or in your posting that indicates your assessment of
the security impact of the bug. I can only surmise from the fact that you
made the bug and fix public rather than following CVE/embargo processes
that you don't deem it especially sensitive. If that was a mistake and you
do consider it sensitive, then probably we should take the discussion
private immediately (though perhaps enough of the cat is already out of the
bag that it makes no difference). If it is at all important for security,
even if not sensitive enough to be kept secret, then it would be helpful to
say something in the posting that gives the appropriate impression of urgency.

The fix itself looks fine. It should certainly have a test first if at all
possible, though.

IIUC the bug has two effects: a one-byte buffer overrun of a malloc'd
internal buffer; and failure to open the conversion module DSO. So you
should be able to write a test that attempts to use some valid conversion
module and fails to open it. You can also call mcheck in the beginning of
the test and mcheck_check_all later in it, so that the checking code will
reliably discover the buffer overrun.

Thanks,
Roland
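
Added example, not part of the original message and not glibc code: the tail-guard check that lets a test catch a one-byte heap overrun, emulated with its own guard byte instead of calling mcheck so that it is self-contained. The names `guarded_alloc`, `guard_intact` and `module_name`, the guard value, and the off-by-one in the builder are all constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD 0xd7u  /* constructed tail marker written just past the usable bytes */

/* Allocate n usable bytes plus one guard byte that callers must never touch. */
static char *guarded_alloc(size_t n)
{
    unsigned char *p = malloc(n + 1);
    if (p != NULL)
        p[n] = GUARD;
    return (char *) p;
}

/* The check a test runs after the code under test has finished. */
static int guard_intact(const char *p, size_t n)
{
    return (unsigned char) p[n] == GUARD;
}

/* Hypothetical builder: returns name + ".so". With reserve_nul == 0 it
   sizes the buffer without the terminating NUL (constructed off-by-one). */
static char *module_name(const char *name, int reserve_nul, size_t *reserved)
{
    size_t len = strlen(name);
    *reserved = len + 3 + (reserve_nul ? 1 : 0);
    char *buf = guarded_alloc(*reserved);
    if (buf == NULL)
        return NULL;
    memcpy(buf, name, len);
    memcpy(buf + len, ".so", 4);   /* copies '.', 's', 'o', '\0' */
    return buf;
}

int main(void)
{
    size_t n;
    char *bad = module_name("mod", 0, &n);
    if (bad == NULL) return 2;
    printf("undersized buffer: guard %s\n", guard_intact(bad, n) ? "intact" : "clobbered");
    free(bad);
    char *good = module_name("mod", 1, &n);
    if (good == NULL) return 2;
    printf("correct buffer:    guard %s\n", guard_intact(good, n) ? "intact" : "clobbered");
    free(good);
    return 0;
}
```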