| Summary: | Wild read in wordexp (parse_param) (CVE-2021-35942) | | |
|---|---|---|---|
| Product: | glibc | Reporter: | Philippe Antoine <p.antoine> |
| Component: | libc | Assignee: | Not yet assigned to anyone <unassigned> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | drepper.fsp, fweimer, siddhesh |
| Priority: | P2 | Flags: | siddhesh: security+ |
| Version: | 2.23 | | |
| Target Milestone: | 2.34 | | |
| Host: | | Target: | |
| Build: | | Last reconfirmed: | |
Description
Philippe Antoine
2021-06-25 12:24:55 UTC
Fixed in 2.34. Thanks Andreas

The fix:

From: Andreas Schwab <schwab@linux-m68k.org>
Date: Fri, 25 Jun 2021 13:02:47 +0000 (+0200)
Subject: wordexp: handle overflow in positional parameter number (bug 28011)
X-Git-Url: https://sourceware.org/git/?p=glibc.git;a=commitdiff_plain;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c

wordexp: handle overflow in positional parameter number (bug 28011)

Use strtoul instead of atoi so that overflow can be detected.
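The change described in the commit message above, as an added example that is not glibc's code or part of this report: a hypothetical helper `positional_param` resolves a positional parameter number with `strtoul` and treats overflow and out-of-range indices as unset. The function name, the argv table and the inputs are constructed for illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper, not glibc's parse_param: resolve "$<digits>" against
   an argv-style table.  Returns NULL when the parameter does not exist. */
static const char *
positional_param (const char *digits, int argc, char *const argv[])
{
  char *end;
  unsigned long n;

  if (!isdigit ((unsigned char) digits[0]))
    return NULL;                /* strtoul alone would accept "-1" or " 7" */

  errno = 0;
  n = strtoul (digits, &end, 10);

  /* On overflow strtoul returns ULONG_MAX and sets ERANGE.  atoi has no
     error reporting and its behaviour is undefined when the value does not
     fit in int; a wrapped, negative result would pass a signed
     "n >= argc" test and index outside argv. */
  if (errno == ERANGE || *end != '\0')
    return NULL;

  /* Unsigned comparison: one test rejects every out-of-range index. */
  if (argc <= 0 || n >= (unsigned long) argc)
    return NULL;

  return argv[n];
}

int
main (void)
{
  /* Constructed sample data. */
  char *const argv[] = { "prog", "first", "second", NULL };
  const char *inputs[] = { "0", "2", "3", "2147483648",
                           "99999999999999999999999999", "1x" };

  for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++)
    {
      const char *v = positional_param (inputs[i], 3, argv);
      printf ("$%s -> %s\n", inputs[i], v ? v : "(unset)");
    }
  return 0;
}
```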