Re: glibc segfault on "special" long double values is _ok_!?
From: Paul Mackerras
Subject: Re: glibc segfault on "special" long double values is _ok_!?
Date: Thu, 7 Jun 2007 08:51:42 +1000

Andreas Schwab writes:
> Jim Meyering <address@hidden> writes:
>
> > I'm interested, because I don't want my applications to segfault on such
> > inputs. Sure it may look a little far-fetched, but I think it's not.
> > Imagine such a bit pattern being injected into a network data stream
> > that is then printed as a long double. Just printing an arbitrary
> > "long double" should not make a server vulnerable to a DoS attack.
>
> In which way is this different from passing NULL to strlen?

In that long doubles are scalar values while strlen's argument is a
pointer value. In general with scalars there is no value whose
meaning or effect is undefined, unlike pointers.

If glibc can indeed be made to segfault just by doing printf on some
particular long double value then I think that is worth reporting as a
security vulnerability.

Paul.
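
An added example, not part of the original message or of glibc: one way a server could guard the scenario quoted above, by checking the bytes of an untrusted value before they are ever treated as a long double. It assumes the wire value is 10 little-endian bytes in the x86 80-bit extended format (the message names no format); all function and sample names are hypothetical.

```c
#include <float.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Encoding classes of the x86 80-bit extended format (assumed wire format). */
enum ld_class { LD_ZERO, LD_DENORMAL, LD_NORMAL, LD_INF, LD_NAN,
                LD_NONCANONICAL /* pseudo-denormal, unnormal, pseudo-inf/NaN */ };

/* Classify 10 little-endian bytes without loading them as a long double. */
enum ld_class classify_x87_ext(const unsigned char b[10])
{
    uint64_t mant = 0;
    for (int i = 7; i >= 0; i--)
        mant = (mant << 8) | b[i];
    unsigned expo = ((unsigned)(b[9] & 0x7f) << 8) | b[8]; /* 15-bit exponent */
    int int_bit = (int)(mant >> 63);            /* explicit integer bit */
    uint64_t frac = mant & (UINT64_MAX >> 1);   /* low 63 fraction bits */

    if (expo == 0) {
        if (int_bit) return LD_NONCANONICAL;    /* pseudo-denormal */
        return frac ? LD_DENORMAL : LD_ZERO;
    }
    if (!int_bit) return LD_NONCANONICAL;  /* unnormal, pseudo-inf, pseudo-NaN */
    if (expo == 0x7fff) return frac ? LD_NAN : LD_INF;
    return LD_NORMAL;
}

/* Format an untrusted wire value. Returns the snprintf length, -1 if the
   encoding is rejected, -2 if long double here is not the 80-bit format. */
int format_wire_ld(const unsigned char b[10], char *out, size_t n)
{
    if (classify_x87_ext(b) == LD_NONCANONICAL)
        return -1;
#if LDBL_MANT_DIG == 64
    long double v = 0;
    memcpy(&v, b, 10);          /* encoding was validated above */
    return snprintf(out, n, "%Lg", v);
#else
    (void)out; (void)n;
    return -2;
#endif
}
/* Constructed sample inputs: 1.0, an unnormal, and a pseudo-NaN. */
const unsigned char SAMPLE_ONE[10]        = {0,0,0,0,0,0,0,0x80,0xff,0x3f};
const unsigned char SAMPLE_UNNORMAL[10]   = {0,0,0,0,0,0,0,0x00,0xff,0x3f};
const unsigned char SAMPLE_PSEUDO_NAN[10] = {1,0,0,0,0,0,0,0x00,0xff,0x7f};
int main(void) { char s[32]; printf("%d\n", format_wire_ld(SAMPLE_UNNORMAL, s, sizeof s)); return 0; }
```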