[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: invalid memory access in idna_to_ascii_8z

From: Simon Josefsson
Subject: Re: invalid memory access in idna_to_ascii_8z
Date: Thu, 02 Jul 2015 11:42:00 +0200
User-agent: Gnus/5.130014 (Ma Gnus v0.14) Emacs/24.4 (gnu/linux)

Nikos Mavrogiannopoulos <address@hidden> writes:

> On Thu, Jul 2, 2015 at 11:06 AM, Simon Josefsson <address@hidden> wrote:
>>>> The attached patches handle the reported issue. However, all functions
>>>> which use g_utf8_next_char() including g_utf8_strlen() are affected.
>>> is there anything holding this patch?
>> I'll add it to the next release...  it is cosmetic workaround for a
>> glibc/gcc/valgrind issue, there is no bug in libidn there.
> Hello,
>  This issue is not cosmetic. It will cause a crash on any user of
> libidn.

Can you give an example?

> valgrind is only used to demonstrate the out-of-bounds access.

My understanding was that valgrind hits down on glibc's optimized strlen
optimization that reads chunks of 4 bytes instead of character by
character.  Libidn allocates only the exact length needed.  So strlen
reads out of bounds.


Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]