Bug 426068
Summary: | dvd+rw-format crashes inside wctomb | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jonathan Kamens <jik> | ||||
Component: | dvd+rw-tools | Assignee: | Harald Hoyer <harald> | ||||
Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | urgent | Docs Contact: | |||||
Priority: | low | ||||||
Version: | rawhide | CC: | adrin.jalali, antonio.montagnani, harald, rdieter | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2008-03-26 08:01:48 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Jonathan Kamens
2007-12-18 06:06:25 UTC
looks like a glibc bug Nay. extern "C" char *plusminus_locale() { static class __plusminus { private: char str[4]; public: __plusminus() { setlocale(LC_CTYPE,ENV_LOCALE); int l = wctomb(str,(wchar_t)(unsigned char)'.'); if (l>0) str[l]='\0'; else str[0]='.',str[1]='\0'; } ~__plusminus() { } operator char*(){ return str; } } plusminus; return plusminus; } and see man wctomb: The programmer must ensure that there is room for at least MB_CUR_MAX bytes at s. For UTF-8 MB_CUR_MAX is 6, which is bigger than 4 and that's why glibc is complaining. If you don't want a VLA buffer, you can use MB_LEN_MAX (16 for glibc), which is guaranteed to be >= MB_CUR_MAX for any supported locale. *** Bug 429096 has been marked as a duplicate of this bug. *** *** Bug 425918 has been marked as a duplicate of this bug. *** It sort of sucks that this is still broken over three months after the bug report was filed, when Jakub has explained how it can be easily fixed. Created attachment 299085 [details]
patch to fix buffer overflow in wctomb
Here's a patch.
sry, bug radar failed, built dvd+rw-tools-7.0-10 in rawhide |