]> git.ipfire.org Git - thirdparty/glibc.git/commit
projects / thirdparty / glibc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c113202) | patch
Check for integer overflow in cache size computation in strcoll
authorSiddhesh Poyarekar <siddhesh@redhat.com>
Mon, 23 Sep 2013 05:54:30 +0000 (11:24 +0530)
committerAdhemerval Zanella <azanella@linux.vnet.ibm.com>
Thu, 15 Jan 2015 19:53:21 +0000 (14:53 -0500)
commita243b1a0797180e142d525d1325a173c758c3714
treec6ec12ec630b7a81c7403ad1c504b6037bf82158tree
parentc1132021659d22753104762a074d6339ae6cbd01commit | diff
Check for integer overflow in cache size computation in strcoll

strcoll is implemented using a cache for indices and weights of
collation sequences in the strings so that subsequent passes do not
have to search through collation data again.  For very large string
inputs, the cache size computation could overflow.  In such a case,
use the fallback function that does not cache indices and weights of
collation sequences.

Fixes CVE-2012-4412.
ChangeLog diff | blob | blame | history
NEWS diff | blob | blame | history
string/Makefile diff | blob | blame | history
string/strcoll_l.c diff | blob | blame | history
string/tst-strcoll-overflow.c [new file with mode: 0644] blob
A mirror of the official glibc repository