about summary refs log tree commit diff
path: root/locale
diff options
context:
space:
mode:
authorJoseph Myers <joseph@codesourcery.com>2017-01-11 13:59:01 +0000
committerJoseph Myers <joseph@codesourcery.com>2017-01-11 13:59:01 +0000
commit436cfba0abf749e5993b52dce589bae482f8c58a (patch)
tree2b1153745a68dd6317f624d3ee39519e263e07cd /locale
parent38d01bd6df937f69c881df61b111492e941f2b74 (diff)
downloadglibc-436cfba0abf749e5993b52dce589bae482f8c58a.tar.gz
glibc-436cfba0abf749e5993b52dce589bae482f8c58a.tar.xz
glibc-436cfba0abf749e5993b52dce589bae482f8c58a.zip
Fix ld-address format-truncation error.
With the elf/sotruss-lib.c failure fixed, building 64-bit glibc with
GCC mainline fails with another format-truncation error in
locale/programs/ld-address.c, where 11 bytes are allocated for a
buffer to print a long int value.

This patch changes that code to allocate 21 bytes.  Treating this
value as signed is questionable and I don't think large values are
actually useful here, but I think those can be considered as instances
of bug 21036 which I've filed for overflow checks for numeric values
in localedef in general, and don't need to be addressed to fix the
build.

Tested with GCC mainline with compilation for aarch64 with
build-many-glibcs.py, and with glibc testsuite for x86_64 (built with
GCC 6).

(Note that while this fixes the build of 64-bit glibc with GCC
mainline, further fixes will be needed to get the testsuite building
with GCC mainline again.)

	* locale/programs/ld-address.c (INT_STR_ELEM): Increase size of
	buffer used to print long int value.
Diffstat (limited to 'locale')
-rw-r--r--locale/programs/ld-address.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/locale/programs/ld-address.c b/locale/programs/ld-address.c
index 3c13e68af3..2488a5ce5c 100644
--- a/locale/programs/ld-address.c
+++ b/locale/programs/ld-address.c
@@ -485,8 +485,8 @@ address_read (struct linereader *ldfile, struct localedef_t *result,
 		address->cat = arg->val.str.startmb;			      \
 	      else							      \
 		{							      \
-		  char *numbuf = (char *) xmalloc (11);			      \
-		  snprintf (numbuf, 11, "%ld", arg->val.num);		      \
+		  char *numbuf = (char *) xmalloc (21);			      \
+		  snprintf (numbuf, 21, "%ld", arg->val.num);		      \
 		  address->cat = numbuf;				      \
 		}							      \
 	    }								      \