Re: [PATCH 1/1] lib/vsprintf.c: fix integer overflow in vsprintf

2023-08-18 Thread Tom Cherry
On Tue, Aug 15, 2023 at 8:33 AM Paul Liu wrote:
>
> Hi Tom,
>
> Yes, I think Rasmus is correct. I didn't have any real cases that can trigger
> the bug.
> So let's not include this patch. I'll see if I can revert this in AOSP's
> branch.
>
> Yours,
> Paul
>
>
>
> Y
>
> On Tue, 15 Aug 2023 at 2

Re: [PATCH 1/1] lib/vsprintf.c: fix integer overflow in vsprintf

2023-08-15 Thread Paul Liu
Hi Tom,

Yes, I think Rasmus is correct. I didn't have any real cases that can trigger the bug. So let's not include this patch. I'll see if I can revert this in AOSP's branch.

Yours,
Paul

Y

On Tue, 15 Aug 2023 at 22:42, Tom Rini wrote:
> On Thu, Mar 09, 2023 at 10:12:21AM +0800, Ying-Chun

Re: [PATCH 1/1] lib/vsprintf.c: fix integer overflow in vsprintf

2023-08-15 Thread Tom Rini
On Thu, Mar 09, 2023 at 10:12:21AM +0800, Ying-Chun Liu (PaulLiu) wrote:
> From: Tom Cherry
>
> vsnprintf_internal() adds 'size' to 'buf' and vsprintf() sets 'size'
> to 'INT_MAX' which can overflow. This causes sprintf() to fail when
> initializing the environment on 8GB.
>
> Instead of using

Re: [PATCH 1/1] lib/vsprintf.c: fix integer overflow in vsprintf

2023-03-09 Thread Rasmus Villemoes
On 09/03/2023 03.12, Ying-Chun Liu (PaulLiu) wrote:
> From: Tom Cherry
>
> vsnprintf_internal() adds 'size' to 'buf' and vsprintf() sets 'size'
> to 'INT_MAX' which can overflow.

Yes, and? vsprintf_internal then detects that by looking at whether "end" is now before "buf", and if so corrects it

[PATCH 1/1] lib/vsprintf.c: fix integer overflow in vsprintf

2023-03-08 Thread Ying-Chun Liu (PaulLiu)
From: Tom Cherry

vsnprintf_internal() adds 'size' to 'buf' and vsprintf() sets 'size' to 'INT_MAX' which can overflow. This causes sprintf() to fail when initializing the environment on 8GB.

Instead of using 'INT_MAX', we use SIZE_MAX - buf, which is the largest possible string that could fit w