This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[patch] Fix BZ #18043 (comment #19)

From: Paul Pluzhnikov <ppluzhnikov at gmail dot com>
To: GLIBC Devel <libc-alpha at sourceware dot org>
Date: Mon, 9 Mar 2015 16:13:27 -0700
Subject: [patch] Fix BZ #18043 (comment #19)
Authentication-results: sourceware.org; auth=none

Greetings,

Calling 'setenv(..., NULL, 1)' invokes undefined behavior.

Unfortunately, wordexp() itself does it, triggering subsequent buffer overflow.
See http://sourceware.org/bugzilla/show_bug.cgi?id=18043#c19.

Attached trivial patch stops wordexp from doing that.


2015-03-09  Paul Pluzhnikov  <ppluzhnikov@google.com>

        [BZ #18043]
        * posix/wordexp.c (parse_param): Don't call setenv(..., NULL, 1).




-- 
Paul Pluzhnikov

Attachment: bz18043.patch5.txt
Description: Text document

Follow-Ups:
- Re: [patch] Fix BZ #18043 (comment #19)
  - From: Paul Pluzhnikov
- Re: [patch] Fix BZ #18043 (comment #19)
  - From: Mike Frysinger

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]