[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: glibc segfault on "special" long double values is _ok_!?
|
From: |
Andreas Schwab |
|
Subject: |
Re: glibc segfault on "special" long double values is _ok_!? |
|
Date: |
Wed, 06 Jun 2007 15:40:26 +0200 |
|
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.97 (gnu/linux) |
Jim Meyering <address@hidden> writes:
> Andreas Schwab <address@hidden> wrote:
>> Jim Meyering <address@hidden> writes:
>>
>>> I'm interested, because I don't want my applications to segfault on such
>>> inputs. Sure it may look a little far-fetched, but I think it's not.
>>> Imagine such a bit pattern being injected into a network data stream
>>> that is then printed as a long double. Just printing an arbitrary
>>> "long double" should not make a server vulnerable to a DoS attack.
>>
>> In which way is this different from passing NULL to strlen?
>
> I'm surprised to hear you arguing that it is desirable for glibc's printf
> implementation to segfault for a long-double with an unusual bit pattern.
In which way is this different from printf("%s", (char*)1)?
Andreas.
--
Andreas Schwab, SuSE Labs, address@hidden
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
Re: glibc segfault on "special" long double values is _ok_!?, James Youngman, 2007/06/06