Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > gnu.bash.bug > #11371
| Path | csiph.com!optima2.xanadu-bbs.net!xanadu-bbs.net!news.glorb.com!usenet.stanford.edu!not-for-mail |
|---|---|
| From | Chet Ramey <chet.ramey@case.edu> |
| Newsgroups | gnu.bash.bug |
| Subject | Re: Integer Overflow in braces |
| Date | Tue, 18 Aug 2015 10:37:44 -0400 |
| Lines | 20 |
| Approved | bug-bash@gnu.org |
| Message-ID | <mailman.8534.1439908681.904.bug-bash@gnu.org> (permalink) |
| References | <CABq52TYThGj9OtBn3xTti5scmA=WdnS7ULw3G6GMayPK6WR0+w@mail.gmail.com> <5768562.ErHXazUaoC@smorgbox> <20150818130433.GF4309@eeg.ccf.org> <1558903.maOEY5AuEr@smorgbox> |
| Reply-To | chet.ramey@case.edu |
| NNTP-Posting-Host | lists.gnu.org |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=utf-8 |
| Content-Transfer-Encoding | 7bit |
| X-Trace | usenet.stanford.edu 1439908682 13128 208.118.235.17 (18 Aug 2015 14:38:02 GMT) |
| X-Complaints-To | action@cs.stanford.edu |
| Cc | Greg Wooledge <wooledg@eeg.ccf.org>, Pasha K <pashakravtsov@gmail.com>, chet.ramey@case.edu |
| To | Dan Douglas <ormaaj@gmail.com>, bug-bash@gnu.org |
| Envelope-to | bug-bash@gnu.org |
| User-Agent | Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.0.1 |
| In-Reply-To | <1558903.maOEY5AuEr@smorgbox> |
| X-Junkmail-Status | score=10/50, host=mpv6.cwru.edu |
| X-Junkmail-Whitelist | YES (by domain whitelist at mpv2.tis.cwru.edu) |
| X-detected-operating-system | by eggs.gnu.org: GNU/Linux 2.4.x-2.6.x [generic] |
| X-Received-From | 129.22.105.37 |
| X-BeenThere | bug-bash@gnu.org |
| X-Mailman-Version | 2.1.14 |
| Precedence | list |
| List-Id | Bug reports for the GNU Bourne Again SHell <bug-bash.gnu.org> |
| List-Unsubscribe | <https://lists.gnu.org/mailman/options/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=unsubscribe> |
| List-Archive | <http://lists.gnu.org/archive/html/bug-bash> |
| List-Post | <mailto:bug-bash@gnu.org> |
| List-Help | <mailto:bug-bash-request@gnu.org?subject=help> |
| List-Subscribe | <https://lists.gnu.org/mailman/listinfo/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=subscribe> |
| Xref | csiph.com gnu.bash.bug:11371 |
Show key headers only | View raw
On 8/18/15 9:12 AM, Dan Douglas wrote: > Actually I think I spoke too soon. There's already some considerable logic in > braces.c to check for overflow (e.g. around braces.c:390 shortly after > declaration of the int). Looks like there were some changes in this code last > year to "beef it up" a bit. (see commit > 67440bc5959a639359bf1dd7d655915bf6e9e7f1). I suspect this is probably fixed in > devel. Well, `fixed' is a tricky thing. There is code in bash-4.4 to use malloc instead of xmalloc -- which just aborts on failure -- but there is only so much you can do to protect someone from himself. Chet -- ``The lyf so short, the craft so long to lerne.'' - Chaucer ``Ars longa, vita brevis'' - Hippocrates Chet Ramey, ITS, CWRU chet@case.edu http://cnswww.cns.cwru.edu/~chet/
Back to gnu.bash.bug | Previous | Next | Find similar
Re: Integer Overflow in braces Chet Ramey <chet.ramey@case.edu> - 2015-08-18 10:37 -0400
csiph-web