| commit | 4d54424420c6300efbf57a7b9aa8635a8b8c1942 | |
| author | Paul Pluzhnikov <ppluzhnikov@google.com> | |
| Fri, 6 Feb 2015 05:30:42 +0000 (6 00:30 -0500) | ||
| committer | Mike Frysinger <vapier@gentoo.org> | |
| Mon, 16 Feb 2015 10:26:49 +0000 (16 05:26 -0500) | ||
| tree | b87845b3970fac459cae136a751a5c0e1f7816ca | treesnapshot (tar.gz zip) |
| parent | 1bf9d48aec087062e2a14b77cb5ee1fa81be334c | commitdiff |
CVE-2015-1472: wscanf allocates too little memory
BZ #16618
Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer. The
implementation now correctly computes the required buffer size when
using malloc.
A regression test was added to tst-sscanf.
(cherry picked from commit 5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06)
Conflicts:
ChangeLog
NEWS
BZ #16618
Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer. The
implementation now correctly computes the required buffer size when
using malloc.
A regression test was added to tst-sscanf.
(cherry picked from commit 5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06)
Conflicts:
ChangeLog
NEWS
| ChangeLog | diffblobblamehistory | |
| NEWS | diffblobblamehistory | |
| stdio-common/tst-sscanf.c | diffblobblamehistory | |
| stdio-common/vfscanf.c | diffblobblamehistory |