This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [patch] Fix BZ #17916 fopen unbounded stack usage for ccs= modes
- From: Florian Weimer <fweimer at redhat dot com>
- To: Paul Pluzhnikov <ppluzhnikov at google dot com>
- Cc: Joseph Myers <joseph at codesourcery dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Tue, 24 Feb 2015 10:47:13 +0100
- Subject: Re: [patch] Fix BZ #17916 fopen unbounded stack usage for ccs= modes
- Authentication-results: sourceware.org; auth=none
- References: <CALoOobPBCpZwMyF5F_4XzNJKKi64xMGtWgBXO_iDU_HpZ6+V9g at mail dot gmail dot com> <874mqdbr1w dot fsf at mid dot deneb dot enyo dot de> <CALoOobMKYAvdj63=7JKyQTPZHx_6c_0RVTxXjcLk-_wyFYWryg at mail dot gmail dot com> <alpine dot DEB dot 2 dot 10 dot 1502231632100 dot 7064 at digraph dot polyomino dot org dot uk> <CALoOobOsHaTWbf9xKjLB6TxbtUvnT4v704Y+pixbra8ODrJaFw at mail dot gmail dot com>
On 02/24/2015 06:00 AM, Paul Pluzhnikov wrote:
> On Mon, Feb 23, 2015 at 8:33 AM, Joseph Myers <joseph@codesourcery.com> wrote:
>
>> Typically such tests use setrlimit to set a stack limit lower than the
>> amount of stack space the code used before the fix.
>
> Thanks. I've updated the test and verified that it fails with stack
> overflow if I revert the fix.
> 2015-02-22 Paul Pluzhnikov <ppluzhnikov@google.com>
>
> [BZ #17916]
> * libio/fileops.c (_IO_new_file_fopen): Limit stack use
> * libio/tst-fopenloc.c (do_test, do_bz17916): Add a large ccs= test
Thanks, this is okay to commit.
--
Florian Weimer / Red Hat Product Security