This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Greetings, Calling 'setenv(..., NULL, 1)' invokes undefined behavior. Unfortunately, wordexp() itself does it, triggering subsequent buffer overflow. See http://sourceware.org/bugzilla/show_bug.cgi?id=18043#c19. Attached trivial patch stops wordexp from doing that. 2015-03-09 Paul Pluzhnikov <ppluzhnikov@google.com> [BZ #18043] * posix/wordexp.c (parse_param): Don't call setenv(..., NULL, 1). -- Paul Pluzhnikov
Attachment:
bz18043.patch5.txt
Description: Text document
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |