[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: glibc segfault on "special" long double values is _ok_!?
From: |
Jim Meyering |
Subject: |
Re: glibc segfault on "special" long double values is _ok_!? |
Date: |
Wed, 06 Jun 2007 16:13:32 +0200 |
Andreas Schwab <address@hidden> wrote:
> Jim Meyering <address@hidden> writes:
>
>> Andreas Schwab <address@hidden> wrote:
>>> Jim Meyering <address@hidden> writes:
>>>
>>>> I'm interested, because I don't want my applications to segfault on such
>>>> inputs. Sure it may look a little far-fetched, but I think it's not.
>>>> Imagine such a bit pattern being injected into a network data stream
>>>> that is then printed as a long double. Just printing an arbitrary
>>>> "long double" should not make a server vulnerable to a DoS attack.
>>>
>>> In which way is this different from passing NULL to strlen?
>>
>> I'm surprised to hear you arguing that it is desirable for glibc's printf
>> implementation to segfault for a long-double with an unusual bit pattern.
>
> In which way is this different from printf("%s", (char*)1)?
Posing the question for printf("%s", NULL) wouldn't have made
the same point, Eh?
Just because standards leave it undefined doesn't mean
that "segfault" is the best response -- or even a "good" one.
Standards conformance is obviously not the issue here.
Re: glibc segfault on "special" long double values is _ok_!?, James Youngman, 2007/06/06
- Re: glibc segfault on "special" long double values is _ok_!?, Jan-Benedict Glaw, 2007/06/07
- Re: glibc segfault on "special" long double values is _ok_!?, Jakub Jelinek, 2007/06/07
- Re: glibc segfault on "special" long double values is _ok_!?, Mike Frysinger, 2007/06/07
- Re: glibc segfault on "special" long double values is _ok_!?, Jan-Benedict Glaw, 2007/06/07
- Re: glibc segfault on "special" long double values is _ok_!?, Mike Frysinger, 2007/06/07