Re: [PATCH, libfortran] Backport xmallocarray to 4.8/4.9 (CVE-2014-5044)

2014-08-05 Thread Tobias Burnus
Jakub Jelinek wrote: On Sat, Aug 02, 2014 at 12:09:24AM +0300, Janne Blomqvist wrote: --- libgfortran/runtime/memory.c.jj 2014-06-18 08:50:33.0 +0200 +++ libgfortran/runtime/memory.c2014-08-01 14:41:08.385856116 +0200 @@ -56,7 +56,9 @@ xmallocarray (size_t nmemb, size_t size)

Re: [PATCH, libfortran] Backport xmallocarray to 4.8/4.9 (CVE-2014-5044)

2014-08-01 Thread Jakub Jelinek
On Sat, Aug 02, 2014 at 12:09:24AM +0300, Janne Blomqvist wrote: > > --- libgfortran/runtime/memory.c.jj 2014-06-18 08:50:33.0 +0200 > > +++ libgfortran/runtime/memory.c2014-08-01 14:41:08.385856116 +0200 > > @@ -56,7 +56,9 @@ xmallocarray (size_t nmemb, size_t size) > > > >

Re: [PATCH, libfortran] Backport xmallocarray to 4.8/4.9 (CVE-2014-5044)

2014-08-01 Thread Janne Blomqvist
On Fri, Aug 1, 2014 at 3:49 PM, Jakub Jelinek wrote: > On Thu, Jul 31, 2014 at 11:32:12PM +0300, Janne Blomqvist wrote: >> a while ago I committed a patch to trunk adding a function >> xmallocarray to libgfortran, which is a malloc wrapper like xmalloc >> but has two arguments and does an overflow

Re: [PATCH, libfortran] Backport xmallocarray to 4.8/4.9 (CVE-2014-5044)

2014-08-01 Thread Jakub Jelinek
On Thu, Jul 31, 2014 at 11:32:12PM +0300, Janne Blomqvist wrote: > a while ago I committed a patch to trunk adding a function > xmallocarray to libgfortran, which is a malloc wrapper like xmalloc > but has two arguments and does an overflow check before multiplying > them together. That seems to b

[PATCH, libfortran] Backport xmallocarray to 4.8/4.9 (CVE-2014-5044)

2014-07-31 Thread Janne Blomqvist
Hi, a while ago I committed a patch to trunk adding a function xmallocarray to libgfortran, which is a malloc wrapper like xmalloc but has two arguments and does an overflow check before multiplying them together. https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=211721 Orig