From: Ondrej Bilka Date: Fri, 24 May 2013 06:34:10 +0000 (+0200) Subject: Initialize wide struct info. X-Git-Tag: upstream/2.30~9019 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=bae143d2702e5ca1265c55b06072afba01bfc07a;p=external%2Fglibc.git Initialize wide struct info. Fixes 15381. Using wide character function is on byte oriented memstream is undefined behaviour. This behaviour was masked by not initializing wide struct info. We now initialize it to cause a predictable crash. --- diff --git a/ChangeLog b/ChangeLog index a0387bd..8fe6c2a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2013-05-24 Ondřej Bílka + + [BZ #15381] + * libio/genops.c (_IO_no_init): Initialize wide struct info. + 2013-05-23 Edjunior Machado [BZ #14894] diff --git a/NEWS b/NEWS index 152e7a4..1d0d4f2 100644 --- a/NEWS +++ b/NEWS @@ -16,9 +16,9 @@ Version 2.18 15007, 15014, 15020, 15023, 15036, 15054, 15055, 15062, 15078, 15084, 15085, 15086, 15160, 15214, 15221, 15232, 15234, 15283, 15285, 15287, 15304, 15305, 15307, 15309, 15327, 15330, 15335, 15336, 15337, 15339, - 15342, 15346, 15359, 15361, 15366, 15380, 15394, 15395, 15405, 15406, - 15409, 15416, 15418, 15419, 15423, 15424, 15426, 15429, 15441, 15442, - 15448, 15480, 15485, 15488, 15490, 15493, 15497, 15506. + 15342, 15346, 15359, 15361, 15366, 15380, 15381, 15394, 15395, 15405, + 15406, 15409, 15416, 15418, 15419, 15423, 15424, 15426, 15429, 15441, + 15442, 15448, 15480, 15485, 15488, 15490, 15493, 15497, 15506. * CVE-2013-0242 Buffer overrun in regexp matcher has been fixed (Bugzilla #15078). diff --git a/libio/genops.c b/libio/genops.c index 390d8d2..e5c5d5c 100644 --- a/libio/genops.c +++ b/libio/genops.c @@ -661,6 +661,10 @@ _IO_no_init (fp, flags, orientation, wd, jmp) fp->_wide_data->_wide_vtable = jmp; } + else + /* Cause predictable crash when a wide function is called on a byte + stream. */ + fp->_wide_data = (struct _IO_wide_data *) -1L; #endif fp->_freeres_list = NULL; }