diff options
author | Aurelien Jarno <aurelien@aurel32.net> | 2014-05-16 00:03:37 +0200 |
---|---|---|
committer | Aurelien Jarno <aurelien@aurel32.net> | 2014-05-16 00:07:29 +0200 |
commit | d0583c403952630c534b0605ff7d69af5ec473cc (patch) | |
tree | 87b8ce3f6ac98870ceff9ec85e2b4fd1f3ec7641 /NEWS | |
parent | c0c08d02c82275353f5c556f935a1a01714d9d7f (diff) | |
download | glibc-d0583c403952630c534b0605ff7d69af5ec473cc.zip glibc-d0583c403952630c534b0605ff7d69af5ec473cc.tar.gz glibc-d0583c403952630c534b0605ff7d69af5ec473cc.tar.bz2 |
ptsname_r: don't leak uninitialized memory (BZ #16917)
If the fd refers to a terminal device, but not a pty master, the
TIOCGPTN ioctl returns with ENOTTY. This error is not caught, and the
possibly undefined buffer passed to ptsname_r is sent directly to the
stat64 syscall.
Fix this by using a fallback to the old method only if the TIOCGPTN
ioctl fails with EINVAL. This also fix the return value in that specific
case (it return ENOENT without this patch).
Also add tests to the ptsname_r function (and ptsname at the same time).
Note: this is Debian bug#741482, reported by Jakub Wilk <jwilk@debian.org>
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -17,7 +17,7 @@ Version 2.20 16712, 16713, 16714, 16731, 16739, 16740, 16743, 16754, 16758, 16759, 16760, 16770, 16786, 16789, 16791, 16799, 16800, 16815, 16823, 16824, 16831, 16838, 16849, 16854, 16876, 16877, 16885, 16888, 16890, 16912, - 16916, 16922, 16927, 16928, 16932. + 16916, 16917, 16922, 16927, 16928, 16932. * The minimum Linux kernel version that this version of the GNU C Library can be used with is 2.6.32. |