Bug#863217: libgmp10:amd64: gmp_snprintf tries to allocate 18 EB on long strings

2020-01-21 Thread Vincent Lefevre
Control: tags -1 fixed-upstream

On 2017-05-23 21:43:06 +0200, Vincent Lefevre wrote:
> Consider the following program:
>
> #include <stdio.h>
> #include <gmp.h>
>
> int main(void)
> {
>   int r;
>   long n = -1;
>
>   r = gmp_snprintf (NULL, 0, "%2147483600s%100s%ln", "", "", &n);
>   printf ("%d %ld\n", r, n)

Bug#863217: libgmp10:amd64: gmp_snprintf tries to allocate 18 EB on long strings

2017-05-23 Thread Vincent Lefevre
Package: libgmp10
Version: 2:6.1.2+dfsg-1
Severity: normal
Tags: security upstream
Forwarded: https://gmplib.org/list-archives/gmp-bugs/2017-May/004157.html

I've reported the following issue upstream. Since GMP tries to allocate a huge quantity of memory (18 EB) while only a few GB's may be necess