| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246) | Arjun Shankar | 2024-01-30 | 1 | -0/+0 |
| __vsyslog_internal did not handle a case where printing a SYSLOG_HEADER containing a long program name failed to update the required buffer size, leading to the allocation and overflow of a too-small buffer on the heap. This commit fixes that. It also adds a new regression test that uses glibc.malloc.check. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com> | |||||
 |
index : mirror/glibc | |
| mirror of git://sourceware.org/git/glibc.git | Leah Neukirchen |
| about summary refs log tree commit diff |