This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
alloca avoidance patches
- From: Florian Weimer <fweimer at redhat dot com>
- To: GNU C Library <libc-alpha at sourceware dot org>
- Date: Mon, 19 Jun 2017 17:59:19 +0200
- Subject: alloca avoidance patches
As you might have seen, today a vulnerability was disclosed in
glibc/Linux/GCC, concerning alloca/VLAs, large stack frames, and
aliasing the stack and the heap.
I have posted an immediate stop-gap patch for the dynamic linker to fix
CVE-2017-1000366/swbz#21624. This should go in ASAP and should be
backported.
I also have non-conforming patches which use NAME_MAX and PATH_MAX for
additional mitigations. I'll post them shortly, but I expect that only
distributions will pick them up because they do not follow GNU standards
and will not work on the Hurd.
In addition, I have a series of patches which remove alloca from
libintl and vfprintf.
Thanks,
Florian