This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: glibc segfault on "special" long double values is _ok_!?
Jim Meyering <jim@meyering.net> writes:
> Andreas Schwab <schwab@suse.de> wrote:
>> Jim Meyering <jim@meyering.net> writes:
>>
>>> Andreas Schwab <schwab@suse.de> wrote:
>>>> Jim Meyering <jim@meyering.net> writes:
>>>>
>>>>> I'm interested, because I don't want my applications to segfault on such
>>>>> inputs. Sure it may look a little far-fetched, but I think it's not.
>>>>> Imagine such a bit pattern being injected into a network data stream
>>>>> that is then printed as a long double. Just printing an arbitrary
>>>>> "long double" should not make a server vulnerable to a DoS attack.
>>>>
>>>> In which way is this different from passing NULL to strlen?
>>>
>>> I'm surprised to hear you arguing that it is desirable for glibc's printf
>>> implementation to segfault for a long-double with an unusual bit pattern.
>>
>> In which way is this different from printf("%s", (char*)1)?
>
> Posing the question for printf("%s", NULL) wouldn't have made
> the same point, Eh?
You still did not answer my questions.
Andreas.
--
Andreas Schwab, SuSE Labs, schwab@suse.de
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."