This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug libc/3013] New: Uninitialized byte written in fa_IR/LC_CTYPE
- From: "barbier at linuxfr dot org" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: 8 Aug 2006 21:15:31 -0000
- Subject: [Bug libc/3013] New: Uninitialized byte written in fa_IR/LC_CTYPE
- Reply-to: sourceware-bugzilla at sourceware dot org
Hi,
locale/programs/ld-ctype.c (ctype_output) contains several occurences of
iov[2 + elem + offset].iov_base = (void *) nulbytes;
iov[2 + elem + offset].iov_len = 1 + (4 - ((total + 1) % 4));
The last expression is between 2 and 5, but nulbytes is defined by
static const char nulbytes[4] = { 0, 0, 0, 0 };
An uninitialized byte can thus be written in LC_CTYPE, this happens
with fa_IR.
--
Summary: Uninitialized byte written in fa_IR/LC_CTYPE
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: drepper at redhat dot com
ReportedBy: barbier at linuxfr dot org
CC: glibc-bugs at sources dot redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=3013
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.