[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Integer Overflow in braces
|
From: |
Chet Ramey |
|
Subject: |
Re: Integer Overflow in braces |
|
Date: |
Tue, 18 Aug 2015 10:37:44 -0400 |
|
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.0.1 |
On 8/18/15 9:12 AM, Dan Douglas wrote:
> Actually I think I spoke too soon. There's already some considerable logic in
> braces.c to check for overflow (e.g. around braces.c:390 shortly after
> declaration of the int). Looks like there were some changes in this code last
> year to "beef it up" a bit. (see commit
> 67440bc5959a639359bf1dd7d655915bf6e9e7f1). I suspect this is probably fixed
> in
> devel.
Well, `fixed' is a tricky thing. There is code in bash-4.4 to use malloc
instead of xmalloc -- which just aborts on failure -- but there is only so
much you can do to protect someone from himself.
Chet
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU chet@case.edu http://cnswww.cns.cwru.edu/~chet/
- Integer Overflow in braces, Pasha K, 2015/08/16
- Re: Integer Overflow in braces, Greg Wooledge, 2015/08/17
- Re: Integer Overflow in braces, Pasha K, 2015/08/17
- Re: Integer Overflow in braces, Eric Blake, 2015/08/18
- Re: Integer Overflow in braces, John McKown, 2015/08/18
- Re: Integer Overflow in braces, Dan Douglas, 2015/08/18
- Re: Integer Overflow in braces, Greg Wooledge, 2015/08/18
- Re: Integer Overflow in braces, Dan Douglas, 2015/08/18
- Re: Integer Overflow in braces,
Chet Ramey <=
- Re: Integer Overflow in braces, Eduardo A . Bustamante López, 2015/08/20