Fix path length overflow in realpath [BZ #22786]

Integer addition overflow may cause stack buffer overflow when realpath() input length is close to SSIZE_MAX. 2018-05-09 Paul Pluzhnikov <ppluzhnikov@google.com> [BZ #22786] * stdlib/canonicalize.c (__realpath): Fix overflow in path length computation. * stdlib/Makefile (test-bz22786): New test. * stdlib/test-bz22786.c: New test. (cherry picked from commit 5460617d1567657621107d895ee2dd83bc1f88f2)
author: Paul Pluzhnikov <ppluzhnikov@google.com> 2018-05-08 18:12:41 -0700
committer: Fangrui Song <i@maskray.me> 2021-08-27 16:22:12 -0700
commit: 1073cbb0ba0736cd2180e1a227f8e065d4cdf289 (patch)
tree: 2c625a2168d62fab1302d6ec683125525718ab70 /ChangeLog
parent: c13e59843a121a140b5ecdfc83934692511b1b7f (diff)
download: glibc-1073cbb0ba0736cd2180e1a227f8e065d4cdf289.zip
glibc-1073cbb0ba0736cd2180e1a227f8e065d4cdf289.tar.gz
glibc-1073cbb0ba0736cd2180e1a227f8e065d4cdf289.tar.bz2
1 files changed, 8 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 14063a1..1419e89 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2018-05-09  Paul Pluzhnikov  <ppluzhnikov@google.com>
+
+	[BZ #22786]
+	* stdlib/canonicalize.c (__realpath): Fix overflow in path length
+	computation.
+	* stdlib/Makefile (test-bz22786): New test.
+	* stdlib/test-bz22786.c: New test.
+
 2018-05-05  Paul Pluzhnikov  <ppluzhnikov@google.com>
 
 	[BZ #20419]
author	Paul Pluzhnikov <ppluzhnikov@google.com>	2018-05-08 18:12:41 -0700
committer	Fangrui Song <i@maskray.me>	2021-08-27 16:22:12 -0700
commit	1073cbb0ba0736cd2180e1a227f8e065d4cdf289 (patch)
tree	2c625a2168d62fab1302d6ec683125525718ab70 /ChangeLog
parent	c13e59843a121a140b5ecdfc83934692511b1b7f (diff)
download	glibc-1073cbb0ba0736cd2180e1a227f8e065d4cdf289.zip glibc-1073cbb0ba0736cd2180e1a227f8e065d4cdf289.tar.gz glibc-1073cbb0ba0736cd2180e1a227f8e065d4cdf289.tar.bz2