/[packages]/cauldron/glibc/current/SOURCES/113-CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch
ViewVC logotype

Diff of /cauldron/glibc/current/SOURCES/113-CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

cauldron/glibc/current/SOURCES/glibc-2.20-CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch revision 816185 by tmb, Sun Dec 21 21:14:15 2014 UTC cauldron/glibc/current/SOURCES/113-CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch revision 816251 by tmb, Sat Feb 21 20:29:13 2015 UTC
# Line 1  Line 1 
1  From a3a1f4163c4d0f9a36056c8640661a88674ae8a2 Mon Sep 17 00:00:00 2001  From a3a1f4163c4d0f9a36056c8640661a88674ae8a2 Mon Sep 17 00:00:00 2001
2  From: Jeff Law <law@redhat.com>  From: Jeff Law <law@redhat.com>
3  Date: Mon, 15 Dec 2014 10:09:07 +0100  Date: Mon, 15 Dec 2014 10:09:32 +0100
4  Subject: [PATCH] CVE-2012-3406: Stack overflow in vfprintf [BZ #16617]  Subject: [PATCH 13/18] CVE-2012-3406: Stack overflow in vfprintf [BZ #16617]
5    
6  A larger number of format specifiers coudld cause a stack overflow,  A larger number of format specifiers coudld cause a stack overflow,
7  potentially allowing to bypass _FORTIFY_SOURCE format string  potentially allowing to bypass _FORTIFY_SOURCE format string
# Line 25  Conflicts: Line 25  Conflicts:
25   create mode 100644 stdio-common/bug23-3.c   create mode 100644 stdio-common/bug23-3.c
26   create mode 100644 stdio-common/bug23-4.c   create mode 100644 stdio-common/bug23-4.c
27    
28  #diff --git a/ChangeLog b/ChangeLog  diff --git a/ChangeLog b/ChangeLog
29  #index ac7d980..88d2f1e 100644  index ac7d980..88d2f1e 100644
30  #--- a/ChangeLog  --- a/ChangeLog
31  #+++ b/ChangeLog  +++ b/ChangeLog
32  #@@ -1,3 +1,12 @@  @@ -1,3 +1,12 @@
33  #+2014-12-15  Jeff Law  <law@redhat.com>  +2014-12-15  Jeff Law  <law@redhat.com>
34  #+  +
35  #+      [BZ #16617]  +       [BZ #16617]
36  #+      * stdio-common/vfprintf.c (vfprintf): Allocate large specs array  +       * stdio-common/vfprintf.c (vfprintf): Allocate large specs array
37  #+      on the heap.  (CVE-2012-3406)  +       on the heap.  (CVE-2012-3406)
38  #+      * stdio-common/bug23-2.c, stdio-common/bug23-3.c: New file.  +       * stdio-common/bug23-2.c, stdio-common/bug23-3.c: New file.
39  #+      * stdio-common/bug23-4.c: New file.  Test case by Joseph Myers.  +       * stdio-common/bug23-4.c: New file.  Test case by Joseph Myers.
40  #+      * stdio-common/Makefile (tests): Add bug23-2, bug23-3, bug23-4.  +       * stdio-common/Makefile (tests): Add bug23-2, bug23-3, bug23-4.
41  #+  +
42  # 2014-11-24  Siddhesh Poyarekar  <siddhesh@redhat.com>   2014-11-24  Siddhesh Poyarekar  <siddhesh@redhat.com>
43  #  
44  #       [BZ #17266]          [BZ #17266]
45  #diff --git a/NEWS b/NEWS  diff --git a/NEWS b/NEWS
46  #index 3de92cd..f6cdb66 100644  index 3de92cd..f6cdb66 100644
47  #--- a/NEWS  --- a/NEWS
48  #+++ b/NEWS  +++ b/NEWS
49  #@@ -9,7 +9,7 @@ Version 2.20.1  @@ -9,7 +9,7 @@ Version 2.20.1
50  #  
51  # * The following bugs are resolved with this release:   * The following bugs are resolved with this release:
52  #  
53  #-  17266, 17370, 17371, 17460, 17485, 17555, 17625.  -  17266, 17370, 17371, 17460, 17485, 17555, 17625.
54  #+  16617, 17266, 17370, 17371, 17460, 17485, 17555, 17625.  +  16617, 17266, 17370, 17371, 17460, 17485, 17555, 17625.
55  #  
56  # * CVE-2104-7817 The wordexp function could ignore the WRDE_NOCMD flag   * CVE-2104-7817 The wordexp function could ignore the WRDE_NOCMD flag
57  #   under certain input conditions resulting in the execution of a shell for     under certain input conditions resulting in the execution of a shell for
58  #@@ -17,6 +17,8 @@ Version 2.20.1  @@ -17,6 +17,8 @@ Version 2.20.1
59  #   implementation now checks WRDE_NOCMD immediately before executing the     implementation now checks WRDE_NOCMD immediately before executing the
60  #   shell and returns the error WRDE_CMDSUB as expected.     shell and returns the error WRDE_CMDSUB as expected.
61  #  
62  #+* CVE-2012-3406 printf-style functions could run into a stack overflow when  +* CVE-2012-3406 printf-style functions could run into a stack overflow when
63  #+  processing format strings with a large number of format specifiers.a  +  processing format strings with a large number of format specifiers.a
64  #  
65  # Version 2.20   Version 2.20
66  #  
67  diff --git a/stdio-common/Makefile b/stdio-common/Makefile  diff --git a/stdio-common/Makefile b/stdio-common/Makefile
68  index 5f8e534..e5e45b6 100644  index 5f8e534..e5e45b6 100644
69  --- a/stdio-common/Makefile  --- a/stdio-common/Makefile
# Line 324  index c4ff833..429a3d1 100644 Line 324  index c4ff833..429a3d1 100644
324       free (args_malloced);       free (args_malloced);
325     if (__glibc_unlikely (workstart != NULL))     if (__glibc_unlikely (workstart != NULL))
326  --  --
327  1.8.4.5  2.3.0
328    
Legend:
Removed from v.816185  
changed lines
  Added in v.816251
  ViewVC Help
Powered by ViewVC 1.1.30