[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Re: CVE Request: glibc getaddrinfo() stack overflow
From: Florian Weimer <fweimer () redhat ! com>
Date: 2013-08-22 7:18:59
Message-ID: 5215BB63.80202 () redhat ! com
[Download RAW message or body]
On 07/04/2013 09:06 PM, Maksymilian wrote:
>> Perhaps there are some missing CVE ids?
>
> In 2011 the problem with alloca() was not defined as a vulnerability.
>
> http://sourceware.org/bugzilla/show_bug.cgi?id=12671
I believe the analysis in this bug report is incorrect. The security
implications are unclear. A straight copy of a long name to a stack
buffer should trigger a crash because it hits the guard page, but even
that could be a problem for daemons.
On the other hand, it's impossible to know for sure that no GCC version
ever lays out the stack in such a way that we end up with a problem.
Multi-threaded programs linking in script interpreters are more exposed
to these problems, too.
--
Florian Weimer / Red Hat Product Security Team
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic