Thanks, Vincent,

now I am able to reproduce the issue!

I will request CVE.

Regards

Anton

Am So., 14. Nov. 2021 um 15:44 Uhr schrieb Vincent Lefevre <vinc...@vinc17.net>:
>
> On 2021-11-14 14:15:25 +0100, Anton Gladky wrote:
> > well, I was thinking that upstream should request a CVE. Neverheless
> > I could not reproduce the issue with the modern GCC-versions.
> > Even on 32bit-systems.
>
> I can still reproduce the segmentation fault under Debian/unstable.
> Simplified testcase:
>
> #include <stdio.h>
> #include <gmp.h>
>
> int main (void)
> {
>   mpz_t s;
>   mpz_init (s);
>   mpz_inp_raw (s, stdin);
>   return 0;
> }
>
> Compile with gcc -m32 and execute:
>
>   printf 12345 | ./testcase
>
> Note that even if you don't get a segmentation fault, there may be
> other erratic behaviors, such as silent memory corruption (which may
> be even worse).
>
> --
> Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
>

Reply via email to