This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [patch] Fix for BZ #18043 buffer-overflow (read past the end) in wordexp/parse_dollars/parse_param

From: Paul Pluzhnikov <ppluzhnikov at gmail dot com>
To: "Carlos O'Donell" <carlos at redhat dot com>
Cc: GLIBC Devel <libc-alpha at sourceware dot org>
Date: Fri, 6 Mar 2015 09:15:34 -0800
Subject: Re: [patch] Fix for BZ #18043 buffer-overflow (read past the end) in wordexp/parse_dollars/parse_param
Authentication-results: sourceware.org; auth=none
References: <CALoOobMubkj2ikTiz+H0vKcYLUnLK=o-redAo27HOrwcGfeDRg at mail dot gmail dot com> <54F8B306 dot 1080301 at redhat dot com> <CALoOobPh5bGmXKTiGua=RoSO=ow=jaHpEseECJX8_GJ+Rde85g at mail dot gmail dot com> <54F9C5E6 dot 4030005 at redhat dot com>

On Fri, Mar 6, 2015 at 7:21 AM, Carlos O'Donell <carlos@redhat.com> wrote:

>> +  wordexp_t w;
>> +  wordexp (word_start, &w, 0);

This lost the check for expected failure in wordexp from the original patch.

I've added it back in and committed as 895c30cb003857b52c1675f9078e6a799b231bcb.

I'll generalize the check for all other patterns, then update patch
for BZ 18042.

Thanks,

-- 
Paul Pluzhnikov

References:
- Re: [patch] Fix for BZ #18043 buffer-overflow (read past the end) in wordexp/parse_dollars/parse_param
  - From: Carlos O'Donell
- Re: [patch] Fix for BZ #18043 buffer-overflow (read past the end) in wordexp/parse_dollars/parse_param
  - From: Paul Pluzhnikov
- Re: [patch] Fix for BZ #18043 buffer-overflow (read past the end) in wordexp/parse_dollars/parse_param
  - From: Carlos O'Donell

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]