This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug libc/18043] buffer-overflow (read past the end) in wordexp/parse_dollars/parse_param


https://sourceware.org/bugzilla/show_bug.cgi?id=18043

--- Comment #12 from Paul Pluzhnikov <ppluzhnikov at google dot com> ---
(In reply to Kostya Serebryany from comment #11)

> Ah, apparently one of the previous fuzzing iterations has set such an env var.
> (which also means that wordexp is not an ideal target for in-process fuzzing)
> Is this still interesting? 

It's still a bug (AFAICT) -- GLIBC shouldn't be accessing env strings out of
bounds.

I've tried setting these variables myself, to various values, but still do not
see violations.

What do you have them set at (and which ones)?
