Andreas Schwab <[EMAIL PROTECTED]> wrote: > Jim Meyering <[EMAIL PROTECTED]> writes: > >> I'm interested, because I don't want my applications to segfault on such >> inputs. Sure it may look a little far-fetched, but I think it's not. >> Imagine such a bit pattern being injected into a network data stream >> that is then printed as a long double. Just printing an arbitrary >> "long double" should not make a server vulnerable to a DoS attack. > > In which way is this different from passing NULL to strlen?
I'm surprised to hear you arguing that it is desirable for glibc's printf implementation to segfault for a long-double with an unusual bit pattern.
