/[base]
ViewVC logotype

Revision 275665


Jump to revision: Previous Next
Author: delphij
Date: Wed Dec 10 08:18:22 2014 UTC (8 years, 5 months ago)
Changed paths: 1
Log Message:
In r268924 __fflush was modified so that when write(2) was not successful,
_p and _w are adjusted to account for the partial write (if any).

However, _p and _w should not be unconditionally adjusted and should only
be changed when we actually wrote some bytes, or the accumulated accounting
error will eventually result in a heap buffer overflow.

Reported by:	adrian and alfred (Norse Corporation)
Security:	FreeBSD-SA-14:27.stdio
Security:	CVE-2014-8611


Changed paths

Path Details
Directoryhead/lib/libc/stdio/fflush.c modified , text changed

  ViewVC Help
Powered by ViewVC 1.1.27