glibc/stdlib
Paul Pluzhnikov af7519f7b3 Fix path length overflow in realpath [BZ #22786]
Integer addition overflow may cause stack buffer overflow
when realpath() input length is close to SSIZE_MAX.

2018-05-09  Paul Pluzhnikov  <ppluzhnikov@google.com>

	[BZ #22786]
	* stdlib/canonicalize.c (__realpath): Fix overflow in path length
	computation.
	* stdlib/Makefile (test-bz22786): New test.
	* stdlib/test-bz22786.c: New test.

(cherry picked from commit 5460617d15)
2018-05-17 14:10:16 +02:00
..
bits Remove C++ namespace handling from glibc headers. 2017-03-16 13:31:57 +00:00
sys Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
a64l.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
abort.c Remove __need macros from signal.h. 2017-05-20 19:04:43 -04:00
abs.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
add_n.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
addmul_1.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
alloca.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
at_quick_exit.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
atexit.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
atof.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
atoi.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
atol.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
atoll.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
bsearch.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
bug-fmtmsg1.c
bug-getcontext.c Split DIAG_* macros to new header libc-diag.h. 2017-02-25 09:59:46 -05:00
bug-strtod2.c
bug-strtod.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
canonicalize.c Fix path length overflow in realpath [BZ #22786] 2018-05-17 14:10:16 +02:00
cmp.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
cxa_at_quick_exit.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
cxa_atexit.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
cxa_finalize.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
cxa_thread_atexit_impl.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
dbl2mpn.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
Depend
div.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
divmod_1.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
divrem.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
drand48_r.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
drand48-iter.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
drand48.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
erand48_r.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
erand48.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
errno.h Remove __need macros from errno.h (__need_Emath, __need_error_t). 2017-06-14 08:14:34 -04:00
exit.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
exit.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
fmtmsg.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
fmtmsg.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
fpioconst.c float128: Extend the power of ten tables 2017-06-07 16:58:42 -03:00
fpioconst.h float128: Add strfromf128 2017-06-07 17:08:21 -03:00
gen-fpioconst.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
gen-tst-strtod-round.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
getcontext.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
getentropy.c Fix the return type of the getentropy stub 2017-08-04 00:41:42 +02:00
getenv.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
getrandom.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
getsubopt.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
gmp-impl.h float128: Add conversion from float128 to mpn 2017-06-07 17:03:43 -03:00
gmp.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
grouping.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
grouping.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
groupingwc.c
inlines.c
isomac.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
jrand48_r.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
jrand48.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
l64a.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
labs.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
lcong48_r.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
lcong48.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
ldbl2mpn.c
ldiv.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
llabs.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
lldiv.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
longlong.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
lrand48_r.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
lrand48.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
lshift.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
makecontext.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
Makefile Fix path length overflow in realpath [BZ #22786] 2018-05-17 14:10:16 +02:00
mblen.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
mbstowcs.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
mbtowc.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
mod_1.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
monetary.h Use locale_t, not __locale_t, throughout glibc 2017-06-20 20:30:06 -04:00
mp_clz_tab.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
mpn2dbl.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
mpn2flt.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
mpn2ldbl.c
mrand48_r.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
mrand48.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
msort.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
mul_1.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
mul_n.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
mul.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
nrand48_r.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
nrand48.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
old_atexit.c
on_exit.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
putenv.c Remove the str(n)dup inlines from string/bits/string2.h. Although inlining 2017-03-13 18:45:42 +00:00
qsort.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
quick_exit.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
rand_r.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
rand.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
random_r.c Fix signed integer overflow in random_r (bug 17343). 2018-05-17 14:04:58 +02:00
random.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
rpmatch.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
rshift.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
secure-getenv.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
seed48_r.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
seed48.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
setcontext.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
setenv.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
srand48_r.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
srand48.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
stdlib.h Use locale_t, not __locale_t, throughout glibc 2017-06-20 20:30:06 -04:00
strfmon_l.c Use locale_t, not __locale_t, throughout glibc 2017-06-20 20:30:06 -04:00
strfmon.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strfrom-skeleton.c float128: Add strfromf128 2017-06-07 17:08:21 -03:00
strfromd.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strfromf.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strfroml.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtod_l.c Use locale_t, not __locale_t, throughout glibc 2017-06-20 20:30:06 -04:00
strtod_nan_double.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtod_nan_float.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtod_nan_main.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtod_nan_narrow.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtod_nan_wide.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtod_nan.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtod.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtof_l.c Use locale_t, not __locale_t, throughout glibc 2017-06-20 20:30:06 -04:00
strtof_nan.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtof.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtoimax.c
strtol_l.c Use locale_t, not __locale_t, throughout glibc 2017-06-20 20:30:06 -04:00
strtol.c Use locale_t, not __locale_t, throughout glibc 2017-06-20 20:30:06 -04:00
strtold_l.c Use locale_t, not __locale_t, throughout glibc 2017-06-20 20:30:06 -04:00
strtold_nan.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtold.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtoll_l.c Use locale_t, not __locale_t, throughout glibc 2017-06-20 20:30:06 -04:00
strtoll.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtoul_l.c Use locale_t, not __locale_t, throughout glibc 2017-06-20 20:30:06 -04:00
strtoul.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtoull_l.c Use locale_t, not __locale_t, throughout glibc 2017-06-20 20:30:06 -04:00
strtoull.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
strtoumax.c
sub_n.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
submul_1.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
swapcontext.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
system.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tens_in_limb.c
test-a64l.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
test-bz22786.c Fix path length overflow in realpath [BZ #22786] 2018-05-17 14:10:16 +02:00
test-canon2.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
test-canon.c Add missing header files throughout the testsuite. 2017-02-16 17:33:18 -05:00
testdiv.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
testdiv.input
testmb2.c
testmb.c
testrand.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
testsort.c
tst-atof1.c
tst-atof2.c
tst-bsearch.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-empty-env.c Fix environment traversal when an envvar value is empty 2017-01-20 00:45:09 +05:30
tst-environ.c Split DIAG_* macros to new header libc-diag.h. 2017-02-25 09:59:46 -05:00
tst-fmtmsg.c
tst-fmtmsg.sh Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-getrandom.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-limits.c
tst-makecontext2.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-makecontext3.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-makecontext.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-putenv.c
tst-putenvmod.c
tst-qsort2.c
tst-qsort.c
tst-quick_exit.cc Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-rand48-2.c
tst-rand48.c
tst-random2.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-random.c
tst-secure-getenv.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-setcontext2.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-setcontext3.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-setcontext3.sh Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-setcontext.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-strfmon_l.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-strfrom-locale.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-strfrom.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-strfrom.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-strtod1i.c Suppress internal declarations for most of the testsuite. 2017-05-11 19:27:59 -04:00
tst-strtod2.c
tst-strtod3.c
tst-strtod4.c
tst-strtod5.c Suppress internal declarations for most of the testsuite. 2017-05-11 19:27:59 -04:00
tst-strtod5i.c Suppress internal declarations for most of the testsuite. 2017-05-11 19:27:59 -04:00
tst-strtod6.c
tst-strtod-nan-locale-main.c float128: Add strtof128, wcstof128, and related functions. 2017-06-12 14:48:53 -03:00
tst-strtod-nan-locale.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-strtod-overflow.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-strtod-round-data
tst-strtod-round-data.h
tst-strtod-round-skeleton.c float128: Add strtof128, wcstof128, and related functions. 2017-06-12 14:48:53 -03:00
tst-strtod-round.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-strtod-underflow.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-strtod.c Suppress internal declarations for most of the testsuite. 2017-05-11 19:27:59 -04:00
tst-strtod.h Provide an additional macro expansion for F128 in stdlib/tst-strtod.h 2017-06-22 13:04:56 -03:00
tst-strtol-locale-main.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-strtol-locale.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-strtol.c
tst-strtoll.c
tst-system.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-thread-quick_exit.cc Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-tininess.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-tls-atexit-lib.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-tls-atexit-nodelete.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-tls-atexit.c Add missing header files throughout the testsuite. 2017-02-16 17:33:18 -05:00
tst-unsetenv1.c
tst-width-stdint.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-width.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
tst-xpg-basename.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
ucontext.h Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
udiv_qrnnd.c
Versions Do not use wildcard symbol names for public versions in Versions files. 2017-04-20 20:35:21 +00:00
wcstoimax.c
wcstombs.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
wcstoumax.c
wctomb.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00
xpg_basename.c Update copyright dates with scripts/update-copyrights. 2017-01-01 00:14:16 +00:00