
Fw: Unsafe code in libc in 3.0-RELEASE FreeBSD i386


 Has nobody looked at this?


-----Original Message-----
From: Archie Cobbs <archie@whistle.com>
To: Dag-Erling Smorgrav <des@flood.ping.uio.no>
Cc: Igor Gousarov <igusarov@chat.ru>; freebsd-hackers@FreeBSD.ORG
Date: 17 August 1999, 23:41
Subject: Re: Unsafe code in libc in 3.0-RELEASE FreeBSD i386

Dag-Erling Smorgrav writes:
> Archie Cobbs <archie@whistle.com> writes:
> > Igor Gousarov writes:
> > > The source file for setlocale function
> > > contains the line which might put libc into infinite loop:
> > > [...]
> > Please file a PR to make sure that this doesn't "slip through
> > the cracks"...
> It seems to have slipped through the cracks. Good thing I had a
> process mark on this message. What do you think of the attached patch
> (against -CURRENT)?
> I think there's still a possibility of new_categories being overrun,
> since there's no bounds checking on i in the do ... while (*locale)
> loop. I suggest a careful audit by somebody who knows this code
> (or at least knows what it's supposed to do).

Sorry for the late reply..

I think I understand what that do { } while loop is trying to do.
Basically, LC_ALL can either be a single locale, in which case all
categories should get that locale, or else several locales all
separated by slashes, in which case consecutive categories get
the respective locales.

I've re-written your patch and simplified it a bit. Let me know what
you think (i.e., please review).


Archie Cobbs   *   Whistle Communications, Inc.  *   http://www.whistle.com

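The LC_ALL handling described in this message, with the index bound the quoted reply asks for, as an added example in C; it is not the FreeBSD libc source and not the patch attached to the original mail. `split_lc_all`, `NUM_CATS` and `NAME_MAX_LEN` are hypothetical names, and rejecting a list with fewer components than categories is an assumption of this example.

```c
#include <stdio.h>
#include <string.h>

#define NUM_CATS 6       /* assumed number of per-category slots */
#define NAME_MAX_LEN 32  /* assumed per-name buffer size, including NUL */

/*
 * Split an LC_ALL-style value into NUM_CATS category names.
 *   "C"            -> every category gets "C"
 *   "a/b/c/d/e/f"  -> one name per category, in order
 * Returns 0 on success, -1 on malformed input (empty or oversized name,
 * too few or too many components). out is only meaningful on success.
 */
int split_lc_all(const char *locale, char out[NUM_CATS][NAME_MAX_LEN])
{
    size_t n = 0;
    const char *p = locale;

    for (;;) {
        size_t len = strcspn(p, "/");       /* length of this component */
        if (len == 0 || len >= NAME_MAX_LEN)
            return -1;                      /* empty, or would overflow out[n] */
        if (n == NUM_CATS)
            return -1;                      /* index bound: would overrun out[] */
        memcpy(out[n], p, len);
        out[n][len] = '\0';
        n++;
        p += len;
        if (*p == '\0')
            break;
        p++;            /* skip '/'; p advances on every pass, so the loop ends */
    }
    if (n == 1) {                           /* single locale: copy to all slots */
        for (size_t i = 1; i < NUM_CATS; i++)
            strcpy(out[i], out[0]);
        return 0;
    }
    return n == NUM_CATS ? 0 : -1;
}

int main(void)
{
    /* Constructed inputs: valid single, valid list, too many, empty component. */
    const char *samples[] = { "C", "a/b/c/d/e/f", "a/b/c/d/e/f/g", "a//b" };
    char out[NUM_CATS][NAME_MAX_LEN];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-16s -> %d\n", samples[i], split_lc_all(samples[i], out));
    return 0;
}
```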