From da3c19ef5aab5c073baa57afd1f5bf9bf8746460 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Sat, 14 May 2011 11:13:31 -0400 Subject: [PATCH] Fix potential problem with out-of-scope buffer --- ChangeLog | 4 ++++ NEWS | 6 +++--- sysdeps/generic/elf/backtracesymsfd.c | 4 ++-- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 9d9e215b07..70a4b86866 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ 2011-05-14 Ulrich Drepper + [BZ #12626] + * sysdeps/generic/elf/backtracesymsfd.c (__backtrace_symbols_fd): Move + buf2 definition. + * libio/fileops.c (_IO_new_file_close_it): Initialize write_status. [BZ #12432] diff --git a/NEWS b/NEWS index 55932448e7..4abf3f0417 100644 --- a/NEWS +++ b/NEWS @@ -12,9 +12,9 @@ Version 2.14 386, 11257, 11258, 11487, 11532, 11578, 11653, 11668, 11724, 11945, 11947, 12052, 12158, 12178, 12200, 12346, 12393, 12420, 12432, 12445, 12449, 12454, 12460, 12469, 12489, 12509, 12510, 12511, 12518, 12527, 12541, - 12545, 12551, 12583, 12587, 12597, 12611, 12625, 12631, 12650, 12653, - 12655, 12660, 12681, 12685, 12711, 12713, 12714, 12717, 12723, 12724, - 12734, 12738 + 12545, 12551, 12583, 12587, 12597, 12611, 12625, 12626, 12631, 12650, + 12653, 12655, 12660, 12681, 12685, 12711, 12713, 12714, 12717, 12723, + 12724, 12734, 12738 * The RPC implementation in libc is obsoleted. Old programs keep working but new programs cannot be linked with the routines in libc anymore. diff --git a/sysdeps/generic/elf/backtracesymsfd.c b/sysdeps/generic/elf/backtracesymsfd.c index f0ab71587f..0160ac158b 100644 --- a/sysdeps/generic/elf/backtracesymsfd.c +++ b/sysdeps/generic/elf/backtracesymsfd.c @@ -1,5 +1,5 @@ /* Write formatted list with names for addresses in backtrace to a file. - Copyright (C) 1998,2000,2003,2005,2009 Free Software Foundation, Inc. + Copyright (C) 1998,2000,2003,2005,2009,2011 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper , 1998. @@ -45,6 +45,7 @@ __backtrace_symbols_fd (array, size, fd) for (cnt = 0; cnt < size; ++cnt) { char buf[WORD_WIDTH]; + char buf2[WORD_WIDTH]; Dl_info info; struct link_map *map; size_t last = 0; @@ -59,7 +60,6 @@ __backtrace_symbols_fd (array, size, fd) if (info.dli_sname != NULL || map->l_addr != 0) { - char buf2[WORD_WIDTH]; size_t diff; iov[last].iov_base = (void *) "(";