This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug malloc/14483] obstack uses int for allocation sizes
- From: "amodra at gmail dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Thu, 24 Jul 2014 07:00:56 +0000
- Subject: [Bug malloc/14483] obstack uses int for allocation sizes
- Auto-submitted: auto-generated
- References: <bug-14483-131 at http dot sourceware dot org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=14483
Alan Modra <amodra at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
CC| |amodra at gmail dot com
Assignee|unassigned at sourceware dot org |amodra at gmail dot com
--- Comment #3 from Alan Modra <amodra at gmail dot com> ---
Using int for sizes in the current obstack code is also a security breach, a
buffer overflow on steroids. A default buffer of around 4k is seen as
sufficiently large to write a 2G+ object.. This is true for both 32-bit and
64-bit targets.
See https://sourceware.org/bugzilla/show_bug.cgi?id=17133
--
You are receiving this mail because:
You are on the CC list for the bug.