This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch master updated. glibc-2.18-302-g17c48a6
- From: neleai at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 14 Oct 2013 15:16:26 -0000
- Subject: GNU C Library master sources branch master updated. glibc-2.18-302-g17c48a6
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 17c48a60b8f51e627fc1a1bc3805a80b7bdf6d8d (commit)
from cabba9343c8bd99e4aea66aa1e0ec7d93aa18a7e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=17c48a60b8f51e627fc1a1bc3805a80b7bdf6d8d
commit 17c48a60b8f51e627fc1a1bc3805a80b7bdf6d8d
Author: OndÅ?ej BÃlka <neleai@seznam.cz>
Date: Mon Oct 14 17:15:08 2013 +0200
Fix error_tail overflow in allocation calculation.
diff --git a/ChangeLog b/ChangeLog
index 3905a29..6a95683 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2013-10-14 OndÅ?ej BÃlka <neleai@seznam.cz>
+
+ [BZ #15672]
+ * misc/error.c (error_tail): Fix possible buffer overflow.
+
2013-10-14 Aurelien Jarno <aurelien@aurel32.net>
[BZ #13028]
diff --git a/NEWS b/NEWS
index 156e988..48bbb02 100644
--- a/NEWS
+++ b/NEWS
@@ -11,11 +11,11 @@ Version 2.19
156, 431, 832, 13028, 13982, 13985, 14155, 14547, 14699, 14910, 15048,
15362, 15400, 15427, 15522, 15531, 15532, 15608, 15609, 15610, 15632,
- 15640, 15680, 15681, 15723, 15734, 15735, 15736, 15748, 15749, 15754,
- 15760, 15764, 15797, 15844, 15847, 15849, 15855, 15856, 15857, 15859,
- 15867, 15886, 15887, 15890, 15892, 15893, 15895, 15897, 15905, 15909,
- 15867, 15886, 15887, 15890, 15892, 15893, 15895, 15897, 15905, 15909,
- 15919, 15921, 15923, 15939, 15963, 15966, 15988, 16032, 16034, 16036.
+ 15640, 15672, 15680, 15681, 15723, 15734, 15735, 15736, 15748, 15749,
+ 15754, 15760, 15764, 15797, 15844, 15847, 15849, 15855, 15856, 15857,
+ 15859, 15867, 15886, 15887, 15890, 15892, 15893, 15895, 15897, 15905,
+ 15909, 15919, 15921, 15923, 15939, 15963, 15966, 15988, 16032, 16034,
+ 16036.
* CVE-2012-4412 The strcoll implementation caches indices and rules for
large collation sequences to optimize multiple passes. This cache
diff --git a/misc/error.c b/misc/error.c
index c8e62cf..408a1ab 100644
--- a/misc/error.c
+++ b/misc/error.c
@@ -165,7 +165,7 @@ error_tail (int status, int errnum, const char *message, va_list args)
if (res != len)
break;
- if (__builtin_expect (len >= SIZE_MAX / 2, 0))
+ if (__builtin_expect (len >= SIZE_MAX / sizeof (wchar_t) / 2, 0))
{
/* This really should not happen if everything is fine. */
res = (size_t) -1;
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 5 +++++
NEWS | 10 +++++-----
misc/error.c | 2 +-
3 files changed, 11 insertions(+), 6 deletions(-)
hooks/post-receive
--
GNU C Library master sources