Bug 14667 - [2.16 backport] Don't parse %s format argument as multibyte string
Summary: [2.16 backport] Don't parse %s format argument as multibyte string
Status: RESOLVED FIXED
Alias: None
Product: glibc
Classification: Unclassified
Component: stdio (show other bugs)
Version: 2.16
: P2 normal
Target Milestone: ---
Assignee: Carlos O'Donell
URL:
Keywords: glibc_2.16
Depends on:
Blocks:
 
Reported: 2012-10-03 20:42 UTC by Jonathan Nieder
Modified: 2014-06-17 04:10 UTC (History)
0 users

See Also:
Host:
Target:
Build:
Last reconfirmed:
fweimer: security-

Attachments
cherry-pick commit 715a900c9085907fa749589bf738b192b1a2bda5 (1.93 KB, patch)
2012-10-03 20:42 UTC, Jonathan Nieder 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jonathan Nieder 2012-10-03 20:42:58 UTC 
Created attachment 6665 [details]
cherry-pick commit 715a900c9085907fa749589bf738b192b1a2bda5

The following should be backported to 2.16:

commit 715a900c9085907fa749589bf738b192b1a2bda5
Author: Jeff Law <law@redhat.com>
Date:   Fri Sep 28 12:48:42 2012 -0600

    2012-09-28  Andreas Schwab  <schwab@linux-m68k.org>

            [BZ #6530]
            * stdio-common/vfprintf.c (process_string_arg): Revert
            2000-07-22 change.

    2011-09-28  Jonathan Nieder  <jrnieder@gmail.com>

            * stdio-common/Makefile (tst-sprintf-ENV): Set environment
            for testcase.
            * stdio-common/tst-sprintf.c: Include <locale.h>
            (main): Test sprintf's handling of incomplete multibyte
            characters.

Backport attached.  Its passes with the change and does not pass without.
No new test failures.
Comment 1 Carlos O'Donell 2012-10-03 20:58:46 UTC 
Jonathan,

This looks good to me, and is good for 2.16.

Please check this in to the 2.16 branch.

Any opinion about when we should make a 2.16.1 release?

If you don't have the ability to check this in yourself please start the process.

e.g.
http://sourceware.org/glibc/wiki/MAINTAINERS#Accounts_on_Sourceware.org
Comment 2 Jonathan Nieder 2012-10-04 00:34:30 UTC 
(In reply to comment #1)
> Please check this in to the 2.16 branch.

Done, thanks.

> Any opinion about when we should make a 2.16.1 release?

No particular opinion.