This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: glibc segfault on "special" long double values is _ok_!?
- From: Andreas Schwab <schwab at suse dot de>
- To: Jim Meyering <jim at meyering dot net>
- Cc: Ulrich Drepper <drepper at redhat dot com>, bug-gnulib at gnu dot org, libc-alpha at sourceware dot org
- Date: Wed, 06 Jun 2007 14:48:05 +0200
- Subject: Re: glibc segfault on "special" long double values is _ok_!?
- References: <87y7ixb6wb.fsf@rho.meyering.net>
Jim Meyering <jim@meyering.net> writes:
> I'm interested, because I don't want my applications to segfault on such
> inputs. Sure it may look a little far-fetched, but I think it's not.
> Imagine such a bit pattern being injected into a network data stream
> that is then printed as a long double. Just printing an arbitrary
> "long double" should not make a server vulnerable to a DoS attack.
In which way is this different from passing NULL to strlen?
Andreas.
--
Andreas Schwab, SuSE Labs, schwab@suse.de
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."