This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Patch] Fix another unbound alloca (BZ 13761)

From: Jeff Law <law at redhat dot com>
To: libc-alpha <libc-alpha at sourceware dot org>
Date: Fri, 22 Jun 2012 14:46:59 -0600
Subject: [Patch] Fix another unbound alloca (BZ 13761)

This is a follow-up to fully resolve 13761.

Using the same procedures mentioned in BZ 13761, it's still possible to trigger an unbound alloca in nscd. Basically Siddhesh's patch fixed the first unbound alloca, but left a later one unfixed.

Basically DATASET in cache_addgr can grow without bound in one particular case. When we can not permanently add the result, but can provide the result as-is we allocate temporary memory to hold that DATASET. If DATASET is large, we blow out the stack.

Attachment: patch
Description: Text document

Follow-Ups:
- Re: [Patch] Fix another unbound alloca (BZ 13761)
  - From: Carlos O'Donell
- Re: [Patch] Fix another unbound alloca (BZ 13761)
  - From: Roland McGrath

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]