This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: Fix nan functions handling of payload strings (bug 16961, bug 16962)


On 11/27/2015 01:26 AM, Joseph Myers wrote:

> Carlos, the NEWS entry is a consequence of what you said in
> <https://sourceware.org/ml/libc-alpha/2015-10/msg00776.html> about
> security+ bugs (such as this one, involving an unbounded stack
> allocation from what could theoretically be untrusted input) getting
> such entries.  Does it seem right to you?  Once the NEWS entry is
> resolved, I intend to commit this patch.

> +* The nan, nanf and nanl functions no longer have unbounded stack usage
> +  depending on the length of the string passed as an argument to the
> +  functions.  Reported by Joseph Myers.
> +
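
Review bot: The added NEWS text in this hunk does not say the change is a security fix and cites no bug number, so a reader scanning NEWS cannot tell it apart from an ordinary behaviour change. Suggest stating the impact in the entry itself (unbounded stack allocation driven by the length of the string argument, which could come from untrusted input) and adding the relevant bug reference from the subject line (bug 16961, bug 16962), so the entry can be matched to the tracker and to any identifier assigned later.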

I think reporters of security bugs want their bugs marked as security
bugs.  This could be achieved by putting them into a separate section, or
adding a “SECURITY: ” prefix or something like that.

My attempts to secure CVE assignments for public glibc bugs have not
been successful so far.  If we had CVE identifiers for security bugs,
that would serve as a useful marker as well.

Florian

