glibc/stdio-common
Paul Pluzhnikov 5bd80bfe9c CVE-2015-1472: wscanf allocates too little memory
BZ #16618

Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer.  The
implementation now correctly computes the required buffer size when
using malloc.

A regression test was added to tst-sscanf.
2015-02-06 00:34:51 -05:00
..
bits Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
_i18n_number.h Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
_itoa.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
_itowa.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
_itowa.h Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
asprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
bug1.c
bug1.input
bug2.c
bug3.c
bug4.c
bug5.c
bug6.c
bug6.input
bug7.c
bug8.c
bug9.c
bug10.c
bug11.c
bug12.c
bug13.c
bug14.c
bug16.c Remove trailing whitespace. 2013-06-05 20:44:03 +00:00
bug17.c
bug18.c
bug18a.c
bug19.c
bug19a.c
bug20.c
bug21.c Add macros for diagnostic control, use for scanf %a tests. 2014-12-10 00:41:19 +00:00
bug22.c Bump up stdio bug22 timeout from 30 seconds to 60 seconds 2012-05-17 12:59:08 -04:00
bug23-2.c CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] 2014-12-15 10:09:33 +01:00
bug23-3.c CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] 2014-12-15 10:09:33 +01:00
bug23-4.c CVE-2012-3406: Stack overflow in vfprintf [BZ #16617] 2014-12-15 10:09:33 +01:00
bug23.c Fix allocation when handling positional parameters in printf. 2011-02-20 07:59:49 -05:00
bug24.c Add test for BZ 13114 2011-08-20 09:22:16 -04:00
bug25.c 2012-05-24 Jeff Law <law@redhat.com> 2012-05-24 21:30:43 -06:00
bug26.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
bug-vfprintf-nargs.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
ctermid.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
cuserid.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
Depend
dprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
errlist.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
errnobug.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
flockfile.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
fprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
fscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
ftrylockfile.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
funlockfile.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
fxprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
getline.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
getw.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_fscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_scanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_sscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_vfscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_vscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
isoc99_vsscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
itoa-digits.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
itoa-udigits.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
itowa-digits.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
Makefile Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
perror.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf_fp.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf_fphex.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf_size.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf-parse.h Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf-parsemb.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf-parsewc.c
printf-prs.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
printf.h Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
psiginfo-data.h Fix typos. 2013-10-12 14:47:50 +02:00
psiginfo-define.h * locale/langinfo.h: nl_langinfo_l is in POSIX 2008. 2009-02-26 06:18:24 +00:00
psiginfo.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
psignal.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
putw.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
reg-modifier.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
reg-printf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
reg-type.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
remove.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
rename.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
renameat.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
scanf1.c
scanf2.c
scanf3.c
scanf4.c Eliminate -Wno-format from printf/scanf tests. 2014-12-11 13:47:44 -08:00
scanf5.c
scanf7.c Eliminate -Wno-format from printf/scanf tests. 2014-12-11 13:47:44 -08:00
scanf8.c
scanf9.c
scanf10.c
scanf11.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
scanf12.c
scanf12.input
scanf13.c Avoid warning in scanf test. 2009-10-30 09:23:24 -07:00
scanf14.c Add macros for diagnostic control, use for scanf %a tests. 2014-12-10 00:41:19 +00:00
scanf15.c Preserve SSE registers in runtime relocations on x86-64. 2009-07-29 08:33:03 -07:00
scanf16.c
scanf17.c Preserve SSE registers in runtime relocations on x86-64. 2009-07-29 08:33:03 -07:00
scanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
siglist.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
snprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
sprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
sscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
stdio_ext.h Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
stdio_lim.h.in Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tempnam.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tempname.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
temptest.c
test_rdwr.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
test-fseek.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
test-fwrite.c
test-popen.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
test-vfprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tfformat.c Avoid use of "register" as optimization hint. 2013-06-07 22:24:35 +00:00
tiformat.c
tllformat.c
tmpfile64.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tmpfile.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tmpnam_r.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tmpnam.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-cookie.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-fdopen.c
tst-ferror.c
tst-ferror.input
tst-fgets.c
tst-fileno.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-fmemopen2.c Replace %ld with %jd and cast to intmax_t 2014-12-30 08:08:29 -08:00
tst-fmemopen.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-fphex-wide.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-fphex.c Clean up tst-fphex test 2012-03-08 03:02:24 -05:00
tst-fseek.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-fwrite.c
tst-gets.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-gets.input
tst-grouping.c Fix grouping when rounding increases number of integer digits. 2011-01-12 20:37:51 -05:00
tst-long-dbl-fphex.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-obprintf.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-perror.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-popen2.c
tst-popen.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-printf-round.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-printf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-printf.sh Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-printfsz.c Eliminate -Wno-format from printf/scanf tests. 2014-12-11 13:47:44 -08:00
tst-put-error.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-rndseek.c
tst-setvbuf1.c
tst-setvbuf1.expect
tst-sprintf2.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-sprintf3.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-sprintf.c stdio-common: Include <libc-internal.h> in some tests 2014-12-15 11:29:09 -06:00
tst-sscanf.c CVE-2015-1472: wscanf allocates too little memory 2015-02-06 00:34:51 -05:00
tst-swprintf.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-swscanf.c
tst-tmpnam.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-unbputc.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tst-unbputc.sh Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-ungetc.c
tst-unlockedio.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tst-wc-printf.c Modify several tests to use test-skeleton.c 2014-11-05 15:24:08 +05:30
tstdiomisc.c Eliminate -Wno-format from printf/scanf tests. 2014-12-11 13:47:44 -08:00
tstgetln.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tstgetln.input
tstscanf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
tstscanf.input
Versions Add missing } in Versions file. 2014-02-28 11:07:43 -08:00
vfprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
vfscanf.c CVE-2015-1472: wscanf allocates too little memory 2015-02-06 00:34:51 -05:00
vfwprintf.c
vfwscanf.c
vprintf.c Update copyright dates with scripts/update-copyrights. 2015-01-02 16:29:47 +00:00
xbug.c Avoid use of "register" as optimization hint. 2013-06-07 22:24:35 +00:00