Re: recent glibc printf bug

bug-gnulib

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: recent glibc printf bug

From:	Bruno Haible
Subject:	Re: recent glibc printf bug
Date:	Thu, 24 Feb 2011 16:32:43 +0100
User-agent:	KMail/1.9.9

Hi Eric,

> Another glibc printf bug has been exposed and fixed:
> 
> http://sourceware.org/bugzilla/show_bug.cgi?id=12445
> 
> Should our *printf-posix modules be testing for and working around this
> issue?

Based on the expected frequency of the bug - it affects only format strings
with more than 31 format directives -, I would say no. But the effect of
writing wrong data to the stack could be abused for security relevant exploits,
so I would say yes.

Bruno
-- 
In memoriam Mario Manuel de la Peña <http://www.directorio.org/mario.htm>

[Prev in Thread]

Current Thread

[Next in Thread]

recent glibc printf bug, Eric Blake, 2011/02/24
- Re: recent glibc printf bug, Bruno Haible <=
  - Re: recent glibc printf bug, Eric Blake, 2011/02/24
    - Re: recent glibc printf bug, Bruno Haible, 2011/02/24

Prev by Date: recent glibc printf bug
Next by Date: Re: recent glibc printf bug
Previous by thread: recent glibc printf bug
Next by thread: Re: recent glibc printf bug
Index(es):
- Date
- Thread