[tex-live] TL2016: Stack smashed in upmendex fprint_uchar() function

Dr. Werner Fink werner at suse.de
Wed Jun 15 10:13:58 CEST 2016


On Wed, Jun 15, 2016 at 03:08:16PM +0900, Norbert Preining wrote:
> Hi Werner,
> 
> > during test I've seen a caught stack smash done by glibc fortify.
> > It seems that in texk/upmendex/fwrite.c the function fprint_uchar()
> > will be overflowed by the UChar initial array in indwrite()
> 
> Hmm, that looks interesting. I have seen several test failures
> due to segfaults on Debian packages, too, and I will give this
> patch a try. Thanks!

Even if the patch avoids the crash here, I've no idea if the solution
is fully correct, that is, that fprint_uchar() really does its job for
all 18 UChar members, as the final char array is a bit small I guess.

But IMHO this is a job for upstream of upmendex ;)

Werner

-- 
  "Having a smoking section in a restaurant is like having
          a peeing section in a swimming pool." -- Edward Burr