Nikos Mavrogiannopoulos <[email protected]> writes: > On Thu, Jul 2, 2015 at 11:06 AM, Simon Josefsson <[email protected]> wrote: >>>> The attached patches handle the reported issue. However, all functions >>>> which use g_utf8_next_char() including g_utf8_strlen() are affected. >>> is there anything holding this patch? >> I'll add it to the next release... it is cosmetic workaround for a >> glibc/gcc/valgrind issue, there is no bug in libidn there. > > Hello, > This issue is not cosmetic. It will cause a crash on any user of > libidn.
Can you give an example? > valgrind is only used to demonstrate the out-of-bounds access. My understanding was that valgrind hits down on glibc's optimized strlen optimization that reads chunks of 4 bytes instead of character by character. Libidn allocates only the exact length needed. So strlen reads out of bounds. /Simon
signature.asc
Description: PGP signature
_______________________________________________ Help-libidn mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-libidn
