diff options
| author | Zack Weinberg <zackw@panix.com> | 2015-08-14 09:21:44 -0400 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2015-08-14 22:40:19 -0400 |
| commit | 8ff5e0ec497613e578219c9c3d49053c550b9269 (patch) | |
| tree | d35487ff0ad78c4f404883dcb2a0f7835a85137e /ChangeLog | |
| parent | 739babd775d4b69525e3494cad4310742a9b360a (diff) | |
| download | glibc-8ff5e0ec497613e578219c9c3d49053c550b9269.tar.gz glibc-8ff5e0ec497613e578219c9c3d49053c550b9269.tar.xz glibc-8ff5e0ec497613e578219c9c3d49053c550b9269.zip | |
stpncpy: fix size checking [BZ #18975]
I think the last clause of the conditional, || __n <= __bos (__dest) may be backward. The code should call the runtime-checking function if __n is not constant, or if __n is known to be LARGER than the size of the destination.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog index f510bea1bd..67d3517f88 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,13 @@ +2015-08-15 Zack Weinberg <zackw@panix.com> + + [BZ #18975] + * string/bits/string3.h (stpncpy): Call __stpncpy_chk if the + buffer length is known to be too large, not if it's known to be + small enough. + * debug/tst-chk1.c (do_test): Do all tests for catching a buffer + overflow at runtime, involving a length parameter, twice: once + with a compile-time constant length parameter, once without. + 2015-08-14 Joseph Myers <joseph@codesourcery.com> [BZ #18824] |