Your message dated Thu, 24 Apr 2014 17:55:51 +0200 with message-id <20140424155551.GA10616@free.fr> and subject line glibc: possible signed integer overflow in libio/iogetdelim.c has caused the Debian Bug report #517714, regarding glibc: possible signed integer overflow in libio/iogetdelim.c to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 517714: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=517714 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: glibc: possible signed integer overflow in libio/iogetdelim.c
- From: Jakub Wilk <ubanus@users.sf.net>
- Date: Sun, 1 Mar 2009 17:40:59 +0100
- Message-id: <20090301164059.GA668@cavendish.icomputing.pl>
Package: libc6 Version: 2.9-3 Severity: minor An excerpt from gcc manual page: -fstrict-overflowAllow the compiler to assume strict signed overflow rules, depending on the language being compiled. For C (and C++) this means that overflow when doing arithmetic with signed numbers is undefined, which means that the compiler may assume that it will not happen. [...] When this option is in effect any attempt to determine whether an operation on signed numbers will overflow must be written carefully to not actually involve overflow.[...] The -fstrict-overflow option is enabled at levels -O2, -O3, -Os. (Note that glibc is compiled with -O2 in Debian.)I guess the following code snippet from libio/iogetdelim.c could serve as an example how *not* to write code, when this option is turned on:if (__builtin_expect (cur_len + len + 1 < 0, 0)) { __set_errno (EOVERFLOW); result = -1; goto unlock_return; } -- Jakub Wilk
--- End Message ---
--- Begin Message ---
- To: 517714-done@bugs.debian.org
- Cc: control@bugs.debian.org
- Subject: glibc: possible signed integer overflow in libio/iogetdelim.c
- From: Stéphane Aulery <lkppo@free.fr>
- Date: Thu, 24 Apr 2014 17:55:51 +0200
- Message-id: <20140424155551.GA10616@free.fr>
fixed 517714 eglibc/2.17-0experimental0 stop See https://sourceware.org/bugzilla/show_bug.cgi?id=9914#c12 -- Stéphane Aulery
--- End Message ---