Bug#169370: libc6: strerror_r() is implemented incorrectly

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#169370: libc6: strerror_r() is implemented incorrectly
From: Alexander Kotelnikov <sacha@debian.org>
Date: Sat, 16 Nov 2002 20:49:32 +0300
Message-id: <[🔎] 200211161749.gAGHnWlA006177@giotto.sj.ru>
Reply-to: Alexander Kotelnikov <sacha@debian.org>, 169370@bugs.debian.org

Package: libc6
Version: 2.2.5-11.2
Severity: normal
Tags: security

in glibc-2.2.5.orig/glibc-2.2.5/sysdeps/generic/_strerror.c
__strerror_r()

if first argument of __strerror_r is a valid error number corresponding
error string is not written to user supplied buffer and it stays
uninitialised. This can cause troubles if buffer is accessed after a
strerror_r call with presumption that it is a normal string.

The fix is obvious.

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux giotto 2.4.18 #1 Fri Jul 26 15:57:56 MSD 2002 i686
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R

Reply to:

Prev by Date: Bug#169176: Attached is missing patch for packaging changes
Next by Date: Processed: Re: Bug#169370: libc6: strerror_r() is implemented incorrectly
Previous by thread: Bug#165603: regex segfaults in C locale too
Next by thread: Processed: Re: Bug#169370: libc6: strerror_r() is implemented incorrectly
Index(es):
- Date
- Thread