Re: Fix for CVE-2012-3509 libiberty: integer overflow, leading to heap-buffer overflow

2014-02-04 Thread Stuart Henderson
On 2014/02/03 21:48, Stuart Henderson wrote: > Which license is this patch under? Checked and these files are still under GPLv2 so we're ok from that respect. http://gcc.gnu.org/viewcvs/gcc/trunk/libiberty/objalloc.c?revision=191413&view=markup&pathrev=191413 http://gcc.gnu.org/viewcvs/gcc/trunk/

Re: Fix for CVE-2012-3509 libiberty: integer overflow, leading to heap-buffer overflow

2014-02-03 Thread Stuart Henderson
Which license is this patch under? On 3 February 2014 13:26:41 GMT+00:00, Sebastian Trahm wrote: >Hello, > >the following diff addresses CVE-2012-3509 >(libiberty: integer overflow, leading to heap-buffer overflow). > > >Index: include/objalloc.h >

Fix for CVE-2012-3509 libiberty: integer overflow, leading to heap-buffer overflow

2014-02-03 Thread Sebastian Trahm
Hello, the following diff addresses CVE-2012-3509 (libiberty: integer overflow, leading to heap-buffer overflow). Index: include/objalloc.h === RCS file: /cvs/src/gnu/lib/libiberty/include/objalloc.h,v retrieving revision 1.1.1.3 di