This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [patch] Fix BZ 18036 buffer overflow (read past end of buffer) in internal_fnmatch=>end_pattern

From: Florian Weimer <fweimer at redhat dot com>
To: Paul Pluzhnikov <ppluzhnikov at gmail dot com>
Cc: GLIBC Devel <libc-alpha at sourceware dot org>
Date: Mon, 02 Mar 2015 22:02:57 +0100
Subject: Re: [patch] Fix BZ 18036 buffer overflow (read past end of buffer) in internal_fnmatch=>end_pattern
Authentication-results: sourceware.org; auth=none
References: <CALoOobOKfc9XKEQMbv9uwXTEaer-t=d1FwfOMv61YAOBUBV3_A at mail dot gmail dot com> <54F46312 dot 3050205 at redhat dot com> <CALoOobMiM9yWZnMKK9Kqtues5b22+z+KGABKe8p8xXYUDzwNfw at mail dot gmail dot com>

On 03/02/2015 05:53 PM, Paul Pluzhnikov wrote:
> On Mon, Mar 2, 2015 at 5:18 AM, Florian Weimer <fweimer@redhat.com> wrote:
> 
>> Okay to commit if you have checked that the test case actually tests the
>> bug.  Thanks.
> 
> I missed the "make it fail" step, and it actually didn't :-(
> 
> Fixed. Thanks,
> 
> 2015-03-02  Paul Pluzhnikov  <ppluzhnikov@google.com>
> 
>         [BZ #18036]
>         * posix/fnmatch_loop.c (END): Detect invalid pattern.
>         * posix/tst-fnmatch3.c (do_bz18036): Add test case.
> 

Okay.

-- 
Florian Weimer / Red Hat Product Security

References:
- Re: [patch] Fix BZ 18036 buffer overflow (read past end of buffer) in internal_fnmatch=>end_pattern
  - From: Florian Weimer
- Re: [patch] Fix BZ 18036 buffer overflow (read past end of buffer) in internal_fnmatch=>end_pattern
  - From: Paul Pluzhnikov

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]