[PATCH] PR other/54411: libiberty: objalloc_alloc integer overflows (CVE-2012-3509)
Florian Weimer
fweimer@redhat.com
Mon Sep 17 09:49:00 GMT 2012
On 09/05/2012 07:31 AM, Ian Lance Taylor wrote:
> On Wed, Aug 29, 2012 at 10:32 AM, Florian Weimer <fw@deneb.enyo.de> wrote:
>>
>> This patches fixes an integer overflow in libiberty, which leads to
>> crashes in binutils. The long version of the objalloc_alloc macro
>> would have needed another conditional, so I removed that and replaced
>> it with a call to the actual implementation.
>
> I guess I don't see why removing the macro is desirable. In many uses
> of objalloc_alloc the conditional can be optimized out anyhow. It's
> true that it can't always be, but, so what? The macro is probably
> still a win.
Fair enough. I've added a wraparound check to the macro. Okay for trunk?
--
Florian Weimer / Red Hat Product Security Team
-------------- next part --------------
A non-text attachment was scrubbed...
Name: objalloc_alloc.patch
Type: text/x-patch
Size: 2345 bytes
Desc: not available
URL: <http://gcc.gnu.org/pipermail/gcc-patches/attachments/20120917/a8b2b6c0/attachment.bin>
More information about the Gcc-patches
mailing list