This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug glob/22325] New: Memory leak in glob with GLOB_TILDE
- From: "fweimer at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Fri, 20 Oct 2017 10:39:56 +0000
- Subject: [Bug glob/22325] New: Memory leak in glob with GLOB_TILDE
- Auto-submitted: auto-generated
https://sourceware.org/bugzilla/show_bug.cgi?id=22325
Bug ID: 22325
Summary: Memory leak in glob with GLOB_TILDE
Product: glibc
Version: 2.26
Status: NEW
Severity: normal
Priority: P2
Component: glob
Assignee: unassigned at sourceware dot org
Reporter: fweimer at redhat dot com
Target Milestone: 2.27
Flags: security+
This commit:
commit c66c908230169c1bab1f83b071eb585baa214b9f
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date: Mon Sep 4 14:53:38 2017 -0300
posix: Sync glob with gnulib [BZ #1062]
fixed a memory leak in glob, with GLOB_TILDE and a pattern like "~xxx…xxx\\/*"
(many x's are needed to trigger heap allocation).
This looks like a minor security vulnerability (denial of service due to heap
exhaustion).
--
You are receiving this mail because:
You are on the CC list for the bug.