On 07/03/2017 01:22 AM, Paul Eggert wrote: > On 07/01/2017 01:44 PM, Tim Rühsen wrote: >> Hi, >> >> fuzzing glob.c immediately discovered a leak. >> >> At ~L600 in glob.c, 'dirname' is heap allocated. >> It is free'd at label 'out', but some code paths directly return without >> jumping there. >> >> Attached is a patch fixing the issue for me, but just take it as a >> proof of >> concept. You might prefer a different approach. >> >> Regards, Tim > > glob.c is taken from glibc, right? Have you investigated whether these > problems have been reported and/or fixed in glibc?
I don't know if glibc takes the code from gnulib or the other way round. But a quick look at [1] around L1012 looks like the same issue in glibc. [1] https://code.woboq.org/userspace/glibc/posix/glob.c.html Regards, Tim
signature.asc
Description: OpenPGP digital signature
