This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/14700] New: opendir: potential integer overflow
- From: "fweimer at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: Thu, 11 Oct 2012 14:37:52 +0000
- Subject: [Bug libc/14700] New: opendir: potential integer overflow
- Auto-submitted: auto-generated
http://sourceware.org/bugzilla/show_bug.cgi?id=14700
Bug #: 14700
Summary: opendir: potential integer overflow
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: unassigned@sourceware.org
ReportedBy: fweimer@redhat.com
CC: drepper.fsp@gmail.com
Classification: Unclassified
In __alloc_dir in sysdeps/posix/opendir.c, st_blksize can be a large value from
a source which is not necessarily trusted. Therefore, we should check that the
addition does not overflow and fall back to default_allocation in that case.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.