This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug libc/756] missing arithmetic overflow check

------- Additional Comments From jakub at redhat dot com  2005-02-24 00:59 -------
With inbytes_remaining 2**24 outbuf_size will be 0x10000010.
With 2**28 outbuf_size will be 16, sure, but that still doesn't mean the string
can't be converted.
iconv honors whatever outbytes_remaining it is given, so the only problem
is if outbytes_remaining is -1 and outbuf_size is 0, then we allocated less than
we are telling iconv there is available.

The initial outbuf_size computation is in fact just a hint, so the routine
shouldn't fail just because it tried to allocate too large buffer.
The output string might be shortern than input string, or about the same length,
not 16 times longer.
It can do
if (outbuf_size <= inbytes_remaining) outbuf_size = inbytes_remaining + 1;
or something similar and let the ENOMEM only pop up if malloc or realloc
fails.  And perhaps if the first malloc fails, but outbuf_size is bigger than
inbytes_remaining + 1, it could retry with outbuf_size = inbutes_remaining + 1.


------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]