freebsd-skq/lib/libc
Pedro F. Giffuni 0f23ab8aac Fix out-of-bounds read in libc/regex.
The bug is an out-of-bounds read detected with address sanitizer that
happens when 'sp' in p_b_coll_elems() includes NUL byte[s], e.g. if it's
equal to "GS\x00". In that case len will be equal to 4, and the
strncmp(cp->name, sp, len) call will succeed when cp->name is "GS" but the
cp->name[len] == '\0' comparison will cause the read to go out-of-bounds.

Checking the length using strlen() instead eliminates the issue.

The bug was found in LLVM with oss-fuzz:
	https://reviews.llvm.org/D39380

MFC after:	1 week
Obtained from:	Vlad Tsyrklevich through posting on openbsd-tech
2017-10-28 20:09:34 +00:00
..
aarch64 Decrease relative branch brittleness. 2017-06-20 07:25:38 +00:00
amd64 Optimize libc to get and set TLS using the RDFSBASE and RDGSBASE 2017-08-21 17:39:12 +00:00
arm Save VFP state in getcontext(3) on ARM. 2017-10-16 12:53:54 +00:00
capability Replace dot-dot relative pathing with SRCTOP-relative paths where possible 2017-01-20 03:23:24 +00:00
compat-43 Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
db Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
gdtoa For now, compile all of contrib/gdtoa without requiring strict aliasing, 2017-02-13 20:13:29 +00:00
gen Add OID for the vm.overcommit sysctl. This makes it possible to remove 2017-10-22 10:35:29 +00:00
gmon Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
i386 force use of ld.bfd for linking i386 libc, even when using lld 2017-08-16 18:55:39 +00:00
iconv __iconv_get_list: separate .Nm entries with commas 2017-05-23 07:02:01 +00:00
include In the stdio cleanup push and pop wrappers, always call libc stubs for 2017-06-30 20:27:51 +00:00
inet libc: remove use of archaic __P() macro 2017-03-30 01:03:07 +00:00
isc libc: do not include <sys/types.h> where <sys/param.h> was already included 2016-04-18 21:05:15 +00:00
locale __setrunelocale: Fix asprintf(3) failure not returning an error. 2017-09-29 16:30:50 +00:00
md Replace dot-dot relative pathing with SRCTOP-relative paths where possible 2017-01-20 03:23:24 +00:00
mips Include {u,}{div,mod}si3() on mips in libcompiler_rt. 2017-08-21 17:49:01 +00:00
nameser libc: spelling fixes. 2016-04-30 01:24:24 +00:00
net mdoc style: start new sentence on new line 2017-10-04 12:58:30 +00:00
nls Use current locale (f.e. set by thread). It was global locale always 2016-08-24 16:44:27 +00:00
posix1e acl_to_text(3): start sentences on new lines 2017-05-23 07:12:31 +00:00
powerpc Correct an misunderstanding of MDSRCS. 2017-03-02 17:07:28 +00:00
powerpc64 Correct an misunderstanding of MDSRCS. 2017-03-02 17:07:28 +00:00
powerpcspe Correct an misunderstanding of MDSRCS. 2017-03-02 17:07:28 +00:00
quad Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
regex Fix out-of-bounds read in libc/regex. 2017-10-28 20:09:34 +00:00
resolv Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
riscv Support for v1.10 (latest) of RISC-V privilege specification. 2017-08-10 14:18:09 +00:00
rpc Revert r300385 and r300624 which was false positive 2017-06-30 07:04:10 +00:00
secure libc: do not include <sys/types.h> where <sys/param.h> was already included 2016-04-18 21:05:15 +00:00
softfloat Add full softfloat and hardfloat support for RISC-V. 2016-11-16 15:21:32 +00:00
sparc64 Correct an misunderstanding of MDSRCS. 2017-03-02 17:07:28 +00:00
stdio Revert r325031. This breaks the build due to __FBSDID. 2017-10-27 05:04:29 +00:00
stdlib Improve standard compliance for memset_s() and abort_handler_s(). 2017-08-12 15:18:17 +00:00
stdtime Renumber copyright clause 4 2017-02-28 23:42:47 +00:00
string Improve standard compliance for memset_s() and abort_handler_s(). 2017-08-12 15:18:17 +00:00
sys Define RB_POWERCYCLE 2017-10-25 15:30:20 +00:00
tests getmntinfo(3): Scale faster, and return sooner 2017-08-25 16:38:21 +00:00
uuid libc: replace 0 with NULL for pointers. 2016-04-10 19:33:58 +00:00
x86/sys Fix a regression in r321608. 2017-08-13 14:42:23 +00:00
xdr * limit size of buffers to RPC_MAXDATASIZE 2017-06-01 06:12:25 +00:00
yp Use on crypto.x and rpc.x from the source tree. 2016-06-28 19:53:16 +00:00
libc_nossp.ldscript Add different libc ldscript: the one without libssp -- 2016-10-12 13:19:21 +00:00
libc.ldscript
Makefile Support armv7 builds for userland 2017-10-05 23:01:33 +00:00
Makefile.depend DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
Versions.def Create namespace for the symbols added during 12-CURRENT cycle. 2016-08-06 13:28:58 +00:00