Re: __asprintf buffer resize issue
From: Michael Meeks
Subject: Re: __asprintf buffer resize issue
Date: Sat, 28 Jul 2001 05:56:14 -0400 (EDT)
Hi Ulrich,
On 27 Jul 2001, Ulrich Drepper wrote:
> > When printing a certain set of strings, there appears to be a
> > buffer overflow issue in glibc's __asprintf implementation.
>
> First, *never* use any symbol with a leading underscore unless it is
> explicitly allowed by a standard. The missing prototype is a clear
> hint. You might very well find that the semantics of __ protected
> symbols suddenly changes or they go away completely.
Naturally, but if I had produced a problem report that said that
glib's gmodule implementation crashed when trying to load a certain shared
library via the elf/ code - it would not have been easily repeatable :-)
especially given the sensitivity of the lengths of the strings.
Groping into the guts of glibc is of course evil, but I hope the
small test case made it easy to see what was going on. I notice this bug
doesn't appear to show in glibc-2.1.3 - but I suppose regression tests
that rely on specific internal buffer lengths and electric fence are not
so welcome.
> Second, there was a problem with the asprintf function copying too
> many bytes. The target buffer was fine, but the source didn't have
> that much content. I've checked in a patch for 2.2.4.
Great.
Many thanks,
Michael.
--
address@hidden <><, Pseudo Engineer, itinerant idiot