On 10/16/12 13:21, Jacek Caban wrote: >> How exactly? Do you know more details / urls? >> >> Does it return -n ... +n values? Like the memcmp optimization that caused >> mysql security issue? >> In that case my patch should work. > From what I know following call crashes: > strncasecmp("", "", 1); > It's probably a corner case for some optimizations. >
FWIW it was a known, already fixed, upstream glibc bug: http://sourceware.org/bugzilla/show_bug.cgi?id=14195 Jacek