[Midnightbsd-cvs] [MidnightBSD/src] 496a9c: For line-buffered streams the __sflush() function ...
Lucas Holt
noreply at github.com
Wed Nov 8 09:13:33 EST 2023
Branch: refs/heads/master
Home: https://github.com/MidnightBSD/src
Commit: 496a9ca51e1f5242182f0898cdb12842f9a41f47
https://github.com/MidnightBSD/src/commit/496a9ca51e1f5242182f0898cdb12842f9a41f47
Author: Lucas Holt <luke at foolishgames.com>
Date: 2023-11-08 (Wed, 08 Nov 2023)
Changed paths:
M lib/libc/stdio/fflush.c
Log Message:
-----------
For line-buffered streams the __sflush() function did not correctly update
the FILE object's write space member when the write(2) system call returns
an error.
Depending on the nature of an application that calls libc's stdio functions
and the presence of errors returned from the write(2) system call (or an
overridden stdio write routine) a heap buffer overfly may occur. Such
overflows may lead to data corruption or the execution of arbitrary code at
the privilege level of the calling program.
Obtained from: FreeBSD
More information about the Midnightbsd-cvs
mailing list