Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <bb621ef4-cca9-4799-b4c3-57e939680dfe@kernkonzept.com>
Date: Fri, 19 Sep 2025 22:20:54 +0200
From: Georg Kotheimer <georg.kotheimer@...nkonzept.com>
To: musl@...ts.openwall.com
Subject: Re: Bug: Stack buffer overflow in printf on aarch64

Hi,

now I am a little confused, are you referring to the commit
f96e47a26102d537c29435f0abf9ec94676a030e ("printf: fix regression in
large double formatting on ld128 archs"), which is available on the
master branch? Or are you referring to some internal git that is not
visible to the public?

Because if it's the former, it seems like the fix is insufficient, as I
just rechecked which commit I had checked out locally, it is
0b86d60badad6a69b37fc06d18b5763fbbf47b58, which includes the
aforementioned fix. But still I observe the overflow I reported.

Georg

On 19.09.25 19:40, Markus Wichmann wrote:
> Hi,
> 
> the problem is known and already fixed on git. There has just not been a
> release since that bugfix. The issue will appear on aarch64 for any
> number exceeding roughly 1e117, which is about the square root of the
> maximum.
> 
> Ciao,
> Markus

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.