glibc.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Siddhesh Poyarekar <siddhesh@redhat.com>	2013-09-23 11:24:30 +0530
committer	Allan McRae <allan@archlinux.org>	2013-10-25 23:55:07 +1000
commit	6957bcb15456b5118c44bb49754b199462336639 (patch)
tree	eba5469f2e7ce58b810f95c4b335ec6b9908a19f /scripts/check-execstack.awk
parent	56532663f2881ce7b7996d75dbb6bbb438187457 (diff)
download	glibc-6957bcb15456b5118c44bb49754b199462336639.tar.xz glibc-6957bcb15456b5118c44bb49754b199462336639.zip

Check for integer overflow in cache size computation in strcoll

strcoll is implemented using a cache for indices and weights of collation sequences in the strings so that subsequent passes do not have to search through collation data again. For very large string inputs, the cache size computation could overflow. In such a case, use the fallback function that does not cache indices and weights of collation sequences. Fixes CVE-2012-4412. (cherry picked from commit 303e567a8062200dc06acde7c76fc34679f08d8f) Conflicts: NEWS

Diffstat (limited to 'scripts/check-execstack.awk')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: