This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: glibc segfault on "special" long double values is _ok_!?


Andreas Schwab <schwab@suse.de> wrote:
> Jim Meyering <jim@meyering.net> writes:
>
>> Andreas Schwab <schwab@suse.de> wrote:
>>> Jim Meyering <jim@meyering.net> writes:
>>>
>>>> I'm interested, because I don't want my applications to segfault on such
>>>> inputs.  Sure it may look a little far-fetched, but I think it's not.
>>>> Imagine such a bit pattern being injected into a network data stream
>>>> that is then printed as a long double.  Just printing an arbitrary
>>>> "long double" should not make a server vulnerable to a DoS attack.
>>>
>>> In which way is this different from passing NULL to strlen?
>>
>> I'm surprised to hear you arguing that it is desirable for glibc's printf
>> implementation to segfault for a long-double with an unusual bit pattern.
>
> In which way is this different from printf("%s", (char*)1)?

Posing the question for printf("%s", NULL) wouldn't have made
the same point, Eh?

Just because standards leave it undefined doesn't mean
that "segfault" is the best response -- or even a "good" one.
Standards conformance is obviously not the issue here.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]