From 141f3a77fe4f1b59b0afa9bf6909cd2000448883 Mon Sep 17 00:00:00 2001
From: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Mon, 23 Sep 2013 11:20:02 +0530
Subject: Fall back to non-cached sequence traversal and comparison on malloc
 fail

strcoll currently falls back to alloca if malloc fails, resulting in a
possible stack overflow.  This patch implements sequence traversal and
comparison without caching indices and rules.

Fixes CVE-2012-4424.
---
 ChangeLog | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'ChangeLog')

diff --git a/ChangeLog b/ChangeLog
index 25664f0ad8..148479ed2a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2013-09-23  Siddhesh Poyarekar  <siddhesh@redhat.com>
+
+	[BZ #14547]
+	* string/strcoll_l.c (coll_seq): New members rule, idx,
+	save_idx and back_us.
+	(get_next_seq_nocache): New function.
+	(do_compare_nocache): New function.
+	(STRCOLL): Use get_next_seq_nocache and do_compare_nocache
+	when malloc fails.
+
 2013-09-23  Carlos O'Donell  <carlos@redhat.com>
 
 	[BZ #15754]
-- 
cgit 1.4.1