This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug stdio/16617] printf stack overflow with many format specs (CVE-2012-3406)


http://sourceware.org/bugzilla/show_bug.cgi?id=16617

--- Comment #3 from joseph at codesourcery dot com <joseph at codesourcery dot com> ---
Use of malloc for various things in printf is the status quo; any change 
to allocation strategy (e.g. to use a signal-safe allocator when the 
allocations get too big for alloca) could be done everywhere at the same 
time, so is unaffected by fixing existing uses of alloca.

In this case, you only need one format argument, used repeatedly with 
%1$d.  (Cases where alloca is used to allocate memory proportional to the 
stack space already used by arguments should I think be fixed as well - I 
think all glibc functions should have constant bounds on stack usage - 
though certainly they are lower priority than cases where the arguments 
may not take much stack space.)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
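
The constant-bound allocation pattern the comment argues for, as an added example (not glibc's code and not part of the original message): a fixed-size table on the stack, with a checked heap fallback once a format string carries more conversions than the table holds. `INLINE_SPECS`, `struct spec`, `index_specs` and `index_repeated` are hypothetical names, and the repeated `%1$d` input is constructed.

```c
#include <stdlib.h>
#include <string.h>

#define INLINE_SPECS 32  /* assumed size of the fixed on-stack table */

struct spec { size_t offset; };   /* hypothetical per-conversion record */
struct result { int ok; int used_heap; size_t count; size_t last_offset; };

/* Count conversions ("%%" is a literal); fill tab when it is non-NULL. */
static size_t scan_specs(const char *fmt, struct spec *tab)
{
    size_t n = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        if (p[1] == '%') { p++; continue; }
        if (tab) tab[n].offset = (size_t)(p - fmt);
        n++;
    }
    return n;
}

/* Stack use is fixed at INLINE_SPECS entries however long fmt is. */
struct result index_specs(const char *fmt)
{
    struct spec inline_tab[INLINE_SPECS], *tab = inline_tab;
    struct result r = {0, 0, scan_specs(fmt, NULL), 0};
    if (r.count > INLINE_SPECS) {
        tab = calloc(r.count, sizeof *tab);  /* calloc rejects size overflow */
        if (tab == NULL) return r;           /* fail cleanly, no alloca */
        r.used_heap = 1;
    }
    scan_specs(fmt, tab);
    if (r.count) r.last_offset = tab[r.count - 1].offset;
    if (tab != inline_tab) free(tab);
    r.ok = 1;
    return r;
}

/* Constructed input: one argument referenced `count` times via "%1$d". */
struct result index_repeated(size_t count)
{
    struct result r = {0, 0, 0, 0};
    char *fmt = malloc(count * 4 + 1);
    if (fmt == NULL) return r;
    for (size_t i = 0; i < count; i++) memcpy(fmt + i * 4, "%1$d", 4);
    fmt[count * 4] = '\0';
    r = index_specs(fmt);
    free(fmt);
    return r;
}
```
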

