Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 2 May 2018 12:07:17 -0500
From: Will Dietz <w@...z.org>
To: musl@...ts.openwall.com
Subject: [PATCH] iconv: add check to avoid writing past end of buffer

Attached.

Example based on [1] that crashes without this fix can be found here:

https://gist.github.com/7bc07da1dcd02e01c2fbb28cbaa81420

Input is from git's tests (2.17.0), and fixes tests when using
noxcuse-based iconv utility and musl's iconv implementation.

Well, *almost*.   At least no more crashing :).  One final test
involving autosquash fails-- I believe due to a comparison breaking
due to unexpected shifts in ISO-2022-JP encoding (as described in [2])
but I'm not sure of details just yet.  Neat to get this far!

~Will

[1] http://www.openwall.com/lists/musl/2017/05/03/1
[2] http://www.openwall.com/lists/musl/2014/11/09/1

View attachment "iconv.patch" of type "text/x-patch" (691 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.