This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [patch] Fix BZ 19165 -- overflow in fread / fwrite
- From: Alexander Cherepanov <ch3root at openwall dot com>
- To: Paul Pluzhnikov <ppluzhnikov at google dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Mon, 26 Oct 2015 20:50:07 +0300
- Subject: Re: [patch] Fix BZ 19165 -- overflow in fread / fwrite
- Authentication-results: sourceware.org; auth=none
- References: <CALoOobOpSFwNOqD2RbsSQ95+16=xWN=fTpDJZqgPGJPSXCDmEA at mail dot gmail dot com>
On 2015-10-26 06:49, Paul Pluzhnikov wrote:
Attached patch fixes BZ 19165 by failing fwrite when the byte count is
impossibly large,
I think this goes against the standard. In such cases fwrite should go
until an error. A saturated multiplication, as proposed by Florian, is
probably a good idea.
and by returning actual count from fread, instead of
approximation of it.
Thanks, this should eliminate the main concern (please note though that,
after wrapping, bytes_requested and hence bytes_read may be not evenly
divisible by size). But I think this is not enough to be standard-compliant.
--
Alexander Cherepanov