This is the mail archive of the glibc-bugs-regex@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug regex/1291] New: size-overflow bugs in the regex code

From: "eggert at gnu dot org" <sourceware-bugzilla at sources dot redhat dot com>
To: glibc-bugs-regex at sources dot redhat dot com
Date: 2 Sep 2005 22:51:45 -0000
Subject: [Bug regex/1291] New: size-overflow bugs in the regex code
Reply-to: sourceware-bugzilla at sources dot redhat dot com

The regex code currently misbehaves badly if there's an arithmetic
overflow when calculating sizes, e.g., when doubling buffer sizes.
I'll attach a patch for all the instances of this that I found.  These
patches are conservative, in the sense that when I couldn't determine
whether an overflow was possible, I inserted a run-time check.

-- 
           Summary: size-overflow bugs in the regex code
           Product: glibc
           Version: 2.3.5
            Status: NEW
          Severity: normal
          Priority: P2
         Component: regex
        AssignedTo: gotom at debian dot or dot jp
        ReportedBy: eggert at gnu dot org
                CC: glibc-bugs-regex at sources dot redhat dot com,glibc-
                    bugs at sources dot redhat dot com
 BugsThisDependsOn: 1285


http://sources.redhat.com/bugzilla/show_bug.cgi?id=1291

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

Follow-Ups:
- [Bug regex/1291] size-overflow bugs in the regex code
  - From: eggert at gnu dot org

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]