Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 1 Dec 2023 14:08:54 +0900
From: Anuraag Agrawal <>
Subject: Large overflow in __intscan ignored

Currently, __intscan, used by functions like strtol, does not seem to check
for overflow during multiplication.

It at the end checks against the limit, e.g. the size of a long

However, if the value overflows and ends up in the range of the limit,
errno will not be set. It seems that each multiplication operation needs to
be checking for overflow and return errno if it ever happens.

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.