This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH v3] [BZ #15857] malloc: Check for integer overflow in memalign.


On 11 September 2013 15:32, Will Newton <will.newton@linaro.org> wrote:
> These patches should also apply cleanly to 2.18, should I cherry pick
> them there too?

David owns 2.18, so he can take that call.

> Also I am not sure if it is worth allocating a CVE number for these
> issues - pvalloc and valloc seem very rarely used but memalign and
> posix_memalign are more common.

It would be useful to allocate a CVE number.  The fact that pvalloc
and valloc are rarely used doesn't matter in this decision - it
matters when evaluating the impact of the bug.

Siddhesh
-- 
http://siddhesh.in


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]