Fix BZ 22786: integer addition overflow may cause stack buffer overflow

when realpath() input length is close to SSIZE_MAX. 2018-05-09 Paul Pluzhnikov <ppluzhnikov@google.com> [BZ #22786] * stdlib/canonicalize.c (__realpath): Fix overflow in path length computation. * stdlib/Makefile (test-bz22786): New test. * stdlib/test-bz22786.c: New test.
author: Paul Pluzhnikov <ppluzhnikov@google.com> 2018-05-08 18:12:41 -0700
committer: Paul Pluzhnikov <ppluzhnikov@google.com> 2018-05-08 18:12:41 -0700
commit: 5460617d1567657621107d895ee2dd83bc1f88f2 (patch)
tree: 478c1a918b575f667e34721dd6b1232b59b52554 /ChangeLog
parent: aaee3cd88ed58f332f261021d78d071db6265e85 (diff)
download: glibc-5460617d1567657621107d895ee2dd83bc1f88f2.tar.gz
glibc-5460617d1567657621107d895ee2dd83bc1f88f2.tar.xz
glibc-5460617d1567657621107d895ee2dd83bc1f88f2.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 02528b6eb0..4164b32036 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2018-05-09  Paul Pluzhnikov  <ppluzhnikov@google.com>
+
+	[BZ #22786]
+	* stdlib/canonicalize.c (__realpath): Fix overflow in path length
+	computation.
+	* stdlib/Makefile (test-bz22786): New test.
+	* stdlib/test-bz22786.c: New test.
+
 2018-05-09  Joseph Myers  <joseph@codesourcery.com>
 
 	* include/math-narrow-eval.h: New file.  Contents moved from ....
author	Paul Pluzhnikov <ppluzhnikov@google.com>	2018-05-08 18:12:41 -0700
committer	Paul Pluzhnikov <ppluzhnikov@google.com>	2018-05-08 18:12:41 -0700
commit	5460617d1567657621107d895ee2dd83bc1f88f2 (patch)
tree	478c1a918b575f667e34721dd6b1232b59b52554 /ChangeLog
parent	aaee3cd88ed58f332f261021d78d071db6265e85 (diff)
download	glibc-5460617d1567657621107d895ee2dd83bc1f88f2.tar.gz glibc-5460617d1567657621107d895ee2dd83bc1f88f2.tar.xz glibc-5460617d1567657621107d895ee2dd83bc1f88f2.zip