This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug string/19390] Integer overflow in strncat

From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sourceware dot org
Date: Tue, 03 Jan 2017 16:25:58 +0000
Subject: [Bug string/19390] Integer overflow in strncat
Auto-submitted: auto-generated
References: <bug-19390-131@http.sourceware.org/bugzilla/>

https://sourceware.org/bugzilla/show_bug.cgi?id=19390

--- Comment #9 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  8dad72997af2be0dc72a4bc7dbe82d85c90334fc (commit)
      from  d4d629e6187e33050902824a94498b6096eacac9 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8dad72997af2be0dc72a4bc7dbe82d85c90334fc

commit 8dad72997af2be0dc72a4bc7dbe82d85c90334fc
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date:   Tue Jan 3 12:19:12 2017 -0200

    Fix x86 strncat optimized implementation for large sizes

    Similar to BZ#19387, BZ#21014, and BZ#20971, both x86 sse2 strncat
    optimized assembly implementations do not handle the size overflow
    correctly.

    The x86_64 one is in fact an issue with strcpy-sse2-unaligned, but
    that is triggered also with strncat optimized implementation.

    This patch uses a similar strategy used on 3daef2c8ee4df2, where
    saturared math is used for overflow case.

    Checked on x86_64-linux-gnu and i686-linux-gnu.  It fixes BZ #19390.

        [BZ #19390]
        * string/test-strncat.c (test_main): Add tests with SIZE_MAX as
        maximum string size.
        * sysdeps/i386/i686/multiarch/strcat-sse2.S (STRCAT): Avoid overflow
        in pointer addition.
        * sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S (STRCPY):
        Likewise.

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                                        |   10 ++++++++++
 string/test-strncat.c                            |   15 +++++++++++++++
 sysdeps/i386/i686/multiarch/strcat-sse2.S        |    2 ++
 sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S |    2 ++
 4 files changed, 29 insertions(+), 0 deletions(-)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]