This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [patch] Fix for BZ #18043 buffer-overflow (read past the end) in wordexp/parse_dollars/parse_param

From: "Carlos O'Donell" <carlos at redhat dot com>
To: Paul Pluzhnikov <ppluzhnikov at gmail dot com>, GLIBC Devel <libc-alpha at sourceware dot org>
Date: Thu, 05 Mar 2015 14:48:22 -0500
Subject: Re: [patch] Fix for BZ #18043 buffer-overflow (read past the end) in wordexp/parse_dollars/parse_param
Authentication-results: sourceware.org; auth=none
References: <CALoOobMubkj2ikTiz+H0vKcYLUnLK=o-redAo27HOrwcGfeDRg at mail dot gmail dot com>

On 02/27/2015 09:47 PM, Paul Pluzhnikov wrote:
> Greetings,
> 
> Attached patch fixes BZ #18043.
> 
> TIL: strchr("abc", '\0') != NULL and that is apparently well defined.
> 
> 
> 2015-02-27  Paul Pluzhnikov  <ppluzhnikov@google.com>
> 
>         [BZ #18043]
>         * posix/wordexp.c (parse_param): Fix buffer overflow.
>         * posix/wordexp-test.c: Add test case.
> 

Looks good to me. Thanks for fixing these and adding a test case.

OK to commit as long as you verified that test case fails before
and passes afterwards on at least x86_64.

Cheers,
Carlos.

Follow-Ups:
- Re: [patch] Fix for BZ #18043 buffer-overflow (read past the end) in wordexp/parse_dollars/parse_param
  - From: Paul Pluzhnikov

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]