https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78433
Markus Trippelsdorf changed:
What|Removed |Added
Status|NEW |RESOLVED
URL|
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78433
--- Comment #9 from Dominik Vogt ---
... and I think the buffer allocated in __execvpe() is also one byte too small:
char buffer[path_len + file_len + 1];
...
char *pend = mempcpy (buffer, p, subp - p); <-- path_len
*pend = '/';
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78433
--- Comment #8 from Dominik Vogt ---
This code from maybe_script_execute() writes past the allocated array bounds:
/* Construct an argument list for the shell. */
char *new_argv[argc + 1];
new_argv[0] = (char *)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78433
--- Comment #7 from Markus Trippelsdorf ---
To reproduce build glibc with -O3 and then run "make check".
Or directly:
~ % ~/glibc_build/elf/ld.so --library-path /home/trippels/glibc_build/
~/glibc_build/posix/tst-vfork3
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78433
--- Comment #6 from Markus Trippelsdorf ---
(In reply to Dominik Vogt from comment #5)
> Is that with any specific version of Glibc?
I was using trunk.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78433
--- Comment #5 from Dominik Vogt ---
Is that with any specific version of Glibc?
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78433
--- Comment #4 from Markus Trippelsdorf ---
On X86_64:
--- good2016-11-20 19:12:27.353412333 +0100
+++ bad 2016-11-20 19:13:37.738531151 +0100
@@ -892,7 +892,7 @@
leaq1(%rax), %rdx
cmpq$0, -8(%r12,%rdx,8)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78433
Markus Trippelsdorf changed:
What|Removed |Added
Target|powerpc |
Component|target
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78433
Andrew Pinski changed:
What|Removed |Added
Target Milestone|--- |7.0
