glibc/stdio-common
Paul Pluzhnikov 5bd80bfe9c CVE-2015-1472: wscanf allocates too little memory
BZ #16618

Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer.  The
implementation now correctly computes the required buffer size when
using malloc.

A regression test was added to tst-sscanf.
2015-02-06 00:34:51 -05:00
..
bits Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
_i18n_number.h Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
_itoa.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
_itowa.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
_itowa.h Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
asprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
bug1.c
bug1.input
bug2.c
bug3.c
bug4.c
bug5.c
bug6.c
bug6.input
bug7.c
bug8.c
bug9.c
bug10.c
bug11.c
bug12.c
bug13.c
bug14.c
bug16.c
bug17.c
bug18.c
bug18a.c
bug19.c
bug19a.c
bug20.c
bug21.c Add macros for diagnostic control, use for scanf %a tests. 2014-12-10 00:41:19 +00:00
bug22.c
bug23-2.c CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] 2014-12-15 10:09:33 +01:00
bug23-3.c CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] 2014-12-15 10:09:33 +01:00
bug23-4.c CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] 2014-12-15 10:09:33 +01:00
bug23.c
bug24.c
bug25.c
bug26.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
bug-vfprintf-nargs.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
ctermid.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
cuserid.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
Depend
dprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
errlist.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
errnobug.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
flockfile.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
fprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
fscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
ftrylockfile.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
funlockfile.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
fxprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
getline.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
getw.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_fscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_scanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_sscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_vfscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_vscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_vsscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
itoa-digits.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
itoa-udigits.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
itowa-digits.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
Makefile Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
perror.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf_fp.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf_fphex.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf_size.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf-parse.h Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf-parsemb.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf-parsewc.c
printf-prs.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf.h Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
psiginfo-data.h Fix typos. 2013-10-12 14:47:50 +02:00
psiginfo-define.h
psiginfo.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
psignal.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
putw.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
reg-modifier.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
reg-printf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
reg-type.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
remove.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
rename.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
renameat.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
scanf1.c
scanf2.c
scanf3.c
scanf4.c Eliminate -Wno-format from printf/scanf tests. 2014-12-11 13:47:44 -08:00
scanf5.c
scanf7.c Eliminate -Wno-format from printf/scanf tests. 2014-12-11 13:47:44 -08:00
scanf8.c
scanf9.c
scanf10.c
scanf11.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
scanf12.c
scanf12.input
scanf13.c
scanf14.c Add macros for diagnostic control, use for scanf %a tests. 2014-12-10 00:41:19 +00:00
scanf15.c
scanf16.c
scanf17.c
scanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
siglist.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
snprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
sprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
sscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
stdio_ext.h Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
stdio_lim.h.in Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tempnam.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tempname.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
temptest.c
test_rdwr.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
test-fseek.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
test-fwrite.c
test-popen.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
test-vfprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tfformat.c
tiformat.c
tllformat.c
tmpfile64.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tmpfile.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tmpnam_r.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tmpnam.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-cookie.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-fdopen.c
tst-ferror.c
tst-ferror.input
tst-fgets.c
tst-fileno.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-fmemopen2.c Replace %ld with %jd and cast to intmax_t 2014-12-30 08:08:29 -08:00
tst-fmemopen.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-fphex-wide.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-fphex.c
tst-fseek.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-fwrite.c
tst-gets.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-gets.input
tst-grouping.c
tst-long-dbl-fphex.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-obprintf.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-perror.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-popen2.c
tst-popen.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-printf-round.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-printf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-printf.sh Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-printfsz.c Eliminate -Wno-format from printf/scanf tests. 2014-12-11 13:47:44 -08:00
tst-put-error.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-rndseek.c
tst-setvbuf1.c
tst-setvbuf1.expect
tst-sprintf2.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-sprintf3.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-sprintf.c stdio-common: Include <libc-internal.h> in some tests 2014-12-15 11:29:09 -06:00
tst-sscanf.c CVE-2015-1472: wscanf allocates too little memory 2015-02-06 00:34:51 -05:00
tst-swprintf.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-swscanf.c
tst-tmpnam.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-unbputc.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-unbputc.sh Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-ungetc.c
tst-unlockedio.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-wc-printf.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tstdiomisc.c Eliminate -Wno-format from printf/scanf tests. 2014-12-11 13:47:44 -08:00
tstgetln.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tstgetln.input
tstscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tstscanf.input
Versions Add missing } in Versions file. 2014-02-28 11:07:43 -08:00
vfprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
vfscanf.c CVE-2015-1472: wscanf allocates too little memory 2015-02-06 00:34:51 -05:00
vfwprintf.c
vfwscanf.c
vprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
xbug.c