mirror of https://git.FreeBSD.org/src.git synced 2025-01-15 15:06:42 +00:00
freebsd/lib/libc
Pedro F. Giffuni 0f23ab8aac Fix out-of-bounds read in libc/regex.
The bug is an out-of-bounds read detected with address sanitizer that
happens when 'sp' in p_b_coll_elems() includes NUL byte[s], e.g. if it's
equal to "GS\x00". In that case len will be equal to 4, and the
strncmp(cp->name, sp, len) call will succeed when cp->name is "GS" but the
cp->name[len] == '\0' comparison will cause the read to go out-of-bounds.

Checking the length using strlen() instead eliminates the issue.

The bug was found in LLVM with oss-fuzz:
	https://reviews.llvm.org/D39380

MFC after:	1 week
Obtained from:	Vlad Tsyrklevich through posting on openbsd-tech
2017-10-28 20:09:34 +00:00
..
aarch64 Decrease relative branch brittleness. 2017-06-20 07:25:38 +00:00
amd64 Optimize libc to get and set TLS using the RDFSBASE and RDGSBASE 2017-08-21 17:39:12 +00:00
arm Save VFP state in getcontext(3) on ARM. 2017-10-16 12:53:54 +00:00
capability
compat-43
db
gdtoa
gen Add OID for the vm.overcommit sysctl. This makes it possible to remove 2017-10-22 10:35:29 +00:00
gmon
i386 force use of ld.bfd for linking i386 libc, even when using lld 2017-08-16 18:55:39 +00:00
iconv __iconv_get_list: separate .Nm entries with commas 2017-05-23 07:02:01 +00:00
include In the stdio cleanup push and pop wrappers, always call libc stubs for 2017-06-30 20:27:51 +00:00
inet libc: remove use of archaic __P() macro 2017-03-30 01:03:07 +00:00
isc
locale __setrunelocale: Fix asprintf(3) failure not returning an error. 2017-09-29 16:30:50 +00:00
md
mips Include {u,}{div,mod}si3() on mips in libcompiler_rt. 2017-08-21 17:49:01 +00:00
nameser
net mdoc style: start new sentence on new line 2017-10-04 12:58:30 +00:00
nls
posix1e acl_to_text(3): start sentences on new lines 2017-05-23 07:12:31 +00:00
powerpc
powerpc64
powerpcspe
quad
regex Fix out-of-bounds read in libc/regex. 2017-10-28 20:09:34 +00:00
resolv
riscv Support for v1.10 (latest) of RISC-V privilege specification. 2017-08-10 14:18:09 +00:00
rpc Revert r300385 and r300624 which was false positive 2017-06-30 07:04:10 +00:00
secure
softfloat
sparc64
stdio Revert r325031. This breaks the build due to __FBSDID. 2017-10-27 05:04:29 +00:00
stdlib Improve standard compliance for memset_s() and abort_handler_s(). 2017-08-12 15:18:17 +00:00
stdtime
string Improve standard compliance for memset_s() and abort_handler_s(). 2017-08-12 15:18:17 +00:00
sys Define RB_POWERCYCLE 2017-10-25 15:30:20 +00:00
tests getmntinfo(3): Scale faster, and return sooner 2017-08-25 16:38:21 +00:00
uuid
x86/sys Fix a regression in r321608. 2017-08-13 14:42:23 +00:00
xdr * limit size of buffers to RPC_MAXDATASIZE 2017-06-01 06:12:25 +00:00
yp
libc_nossp.ldscript
libc.ldscript
Makefile Support armv7 builds for userland 2017-10-05 23:01:33 +00:00
Makefile.depend
Versions.def