This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH][BZ #15672] Fix error_tail overflow in allocation calculation.

From: "Joseph S. Myers" <joseph at codesourcery dot com>
To: OndÅej BÃlka <neleai at seznam dot cz>
Cc: <libc-alpha at sourceware dot org>
Date: Mon, 14 Oct 2013 13:59:17 +0000
Subject: Re: [PATCH][BZ #15672] Fix error_tail overflow in allocation calculation.
Authentication-results: sourceware.org; auth=none
References: <20131014125751 dot GA22906 at domone dot podge>

On Mon, 14 Oct 2013, Ondrej Bilka wrote:

> @@ -165,7 +165,7 @@ error_tail (int status, int errnum, const char *message, va_list args)
>  	  if (res != len)
>  	    break;
>  
> -	  if (__builtin_expect (len >= SIZE_MAX / 2, 0))
> +	  if (__builtin_expect (len * sizeof (wchar_t) >= SIZE_MAX / 2, 0))

No, that's incorrect, as len * sizeof (wchar_t) can overflow size_t.  You 
need to compare len directly with SIZE_MAX / 2 / sizeof (wchar_t).

-- 
Joseph S. Myers
joseph@codesourcery.com

Follow-Ups:
- Re: [PATCH][BZ #15672] Fix error_tail overflow in allocation calculation.
  - From: OndÅej BÃlka

References:
- [PATCH][BZ #15672] Fix error_tail overflow in allocation calculation.
  - From: OndÅej BÃlka

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]