Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / strace / 025f1082b6c9573772472cc9039c2e10225c2c42
commit025f1082b6c9573772472cc9039c2e10225c2c42[log] [tgz]
authorDr. David Alan Gilbert <dave@treblig.org>Tue Nov 05 11:54:51 2013 +0100
committerDenys Vlasenko <dvlasenk@redhat.com>Tue Nov 05 11:54:51 2013 +0100
treeab275532c13c67dcc7d430be1c9810820b5a64f2
parent0b4060f61f1bb101b5d8d084714b7d2feacdb199 [diff]
Fix select decoding with bogus (huge or negative) nfds.

We used to allocate and fetch bit arrays using a sanitized
length, but then iterate over them with "j < arg[0]" condition,
where arg[0] is not sanitized. This segfaults if arg[0] is huge
or negative. This change fixes this.

Add test/select.c to capture the case.

Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org>
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
4 files changed
tree: ab275532c13c67dcc7d430be1c9810820b5a64f2
  1. debian/
  2. linux/
  3. m4/
  4. qemu_multiarch_testing/
  5. test/
  6. tests/
  7. .gitignore
  8. .mailmap
  9. AUTHORS
  10. bjm.c
  11. block.c
  12. build_static_example.sh
  13. ChangeLog-CVS
  14. configure.ac
  15. COPYING
  16. count.c
  17. CREDITS.in
  18. defs.h
  19. desc.c
  20. errnoent.sh
  21. file.c
  22. git-set-file-times
  23. git-version-gen
  24. gitlog-to-changelog
  25. HACKING-scripts
  26. INSTALL
  27. io.c
  28. ioctl.c
  29. ioctlsort.c
  30. ipc.c
  31. loop.c
  32. make-dist
  33. Makefile.am
  34. mem.c
  35. mtd.c
  36. net.c
  37. NEWS
  38. pathtrace.c
  39. process.c
  40. quota.c
  41. README
  42. README-hacking
  43. README-linux
  44. README-linux-ptrace
  45. resource.c
  46. scsi.c
  47. signal.c
  48. signalent.sh
  49. sock.c
  50. strace-graph
  51. strace-log-merge
  52. strace.1
  53. strace.c
  54. strace.spec
  55. stream.c
  56. syscall.c
  57. syscallent.sh
  58. system.c
  59. term.c
  60. time.c
  61. util.c
  62. vsprintf.c
  63. xlate.el