This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug stdio/16617] printf stack overflow with many format specs (CVE-2012-3406)
- From: "joseph at codesourcery dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Sat, 22 Feb 2014 02:57:24 +0000
- Subject: [Bug stdio/16617] printf stack overflow with many format specs (CVE-2012-3406)
- Auto-submitted: auto-generated
- References: <bug-16617-131 at http dot sourceware dot org/bugzilla/>
http://sourceware.org/bugzilla/show_bug.cgi?id=16617
--- Comment #3 from joseph at codesourcery dot com <joseph at codesourcery dot com> ---
Use of malloc for various things in printf is the status quo; any change
to allocation strategy (e.g. to use a signal-safe allocator when the
allocations get too big for alloca) could be done everywhere at the same
time, so is unaffected by fixing existing uses of alloca.
In this case, you only need one format argument, used repeatedly with
%1$d. (Cases where alloca is used to allocate memory proportional to the
stack space already used by arguments should I think be fixed as well - I
think all glibc functions should have constant bounds on stack usage -
though certainly they are lower priority than cases where the arguments
may not take much stack space.)
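The comment above notes that a single argument reused by many `%1$d` specs is enough to drive the per-spec working storage that glibc sized with alloca. An application that must accept a format string from an untrusted source can bound that exposure by counting conversion specifications before calling printf. The checker below is an added example, not code from glibc or from the bug report; `MAX_FORMAT_SPECS` and the helper names are assumptions chosen for this illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Budget for conversion specs in one format string.  Constructed limit. */
#define MAX_FORMAT_SPECS 64

/* Count printf conversion specifications in fmt.  "%%" is a literal
   percent and is not counted.  Positional specs such as "%1$d" count once
   each: the stack cost grows with the number of specs, not with the
   number of distinct arguments.  Returns -1 for a malformed trailing '%'
   or a spec cut off before its conversion character. */
int count_conversion_specs(const char *fmt)
{
    int count = 0;
    for (const char *p = fmt; *p != '\0'; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '\0')
            return -1;              /* lone '%' at end of string */
        if (*p == '%')
            continue;               /* "%%" prints a literal percent */
        /* Skip positional prefix "N$", flags, width, precision and
           length modifiers up to the conversion character. */
        while (*p != '\0' && strchr("0123456789$#-+ '.*hlLqjzt", *p) != NULL)
            p++;
        if (*p == '\0')
            return -1;              /* no conversion character */
        count++;                    /* p now sits on the conversion char */
    }
    return count;
}

/* Accept fmt only if it is well formed and within the spec budget. */
bool format_is_acceptable(const char *fmt)
{
    int n = count_conversion_specs(fmt);
    return n >= 0 && n <= MAX_FORMAT_SPECS;
}

/* Build n copies of "%1$d" (the one-argument, many-spec shape from the
   comment) in a static buffer and return the spec count.  Constructed
   helper for this example; n is rejected if it would not fit the buffer. */
int count_repeated_positional(int n)
{
    static char buf[4096];
    size_t len = 0;
    if (n < 0 || (size_t)n * 4 >= sizeof buf)
        return -1;
    for (int i = 0; i < n; i++, len += 4)
        memcpy(buf + len, "%1$d", 4);
    buf[len] = '\0';
    return count_conversion_specs(buf);
}
```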