[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

glibc segfault on "special" long double values is _ok_!?

From: Jim Meyering
Subject: glibc segfault on "special" long double values is _ok_!?
Date: Wed, 06 Jun 2007 14:32:20 +0200

Hi Andreas,

Did you mean to close this bug as "resolved/invalid"?

    printf crashes on some 'long double' values
    [BTW, it segfaults on i686 rawhide, even with no compiler options]

I'm interested, because I don't want my applications to segfault on such
inputs.  Sure it may look a little far-fetched, but I think it's not.
Imagine such a bit pattern being injected into a network data stream
that is then printed as a long double.  Just printing an arbitrary
"long double" should not make a server vulnerable to a DoS attack.

If glibc were to stay this way, I would feel obliged to make applications
I care about pull in the gnulib replacement printf infrastructure even
when my system provides the latest glibc.  That would be a shame.

It may well be that the current glibc behavior is not prohibited by
any standard, but I think that "quality of implementation" concerns
(not to mention a desire for robustness and security) would dictate a
more manageable result.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]