projects / platform / upstream / glibc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7e5a0c2) | patch
syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780)
authorArjun Shankar <arjun@redhat.com>
Mon, 15 Jan 2024 16:44:45 +0000 (17:44 +0100)
committerArjun Shankar <arjun@redhat.com>
Tue, 30 Jan 2024 14:53:37 +0000 (15:53 +0100)
commitddf542da94caf97ff43cc2875c88749880b7259b
tree718b463d18c506490d0c06fdac407ac78254d867tree | snapshot
parent7e5a0c286da33159d47d0122007aac016f3e02cdcommit | diff
syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780)

__vsyslog_internal calculated a buffer size by adding two integers, but
did not first check if the addition would overflow.  This commit fixes
that.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
misc/syslog.c diff | blob | history
Domain: System / Toolchain;