diff options
author | DJ Delorie <dj@delorie.com> | 2017-10-07 13:32:00 +0200 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2017-10-07 13:32:01 +0200 |
commit | b70f43dcef0ca638d2d550ead8007f7c9bb7e4bb (patch) | |
tree | cc4dcc66bb94475d6e5759bee8f8c1f71a958dfc | |
parent | caa97d7a46db35a5ddb7bc53e56a866bc180c3b0 (diff) | |
download | glibc-b70f43dcef0ca638d2d550ead8007f7c9bb7e4bb.tar.gz |
Fix cast-after-dereference
Original code was dereferencing a char*, then casting the value
to size_t. Should cast the pointer to size_t* then deference.
(cherry picked from commit f8cef4d07d9641e27629bd3ce2d13f5d702fb251)
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | grp/grp-merge.c | 2 |
3 files changed, 7 insertions, 1 deletions
@@ -1,3 +1,8 @@ +2017-07-19 DJ Delorie <dj@delorie.com> + + [BZ #21654] + * grp/grp-merge.c (libc_hidden_def): Fix cast-after-dereference. + 2017-07-14 DJ Delorie <dj@redhat.com> [BZ #21654] @@ -28,6 +28,7 @@ The following bugs are resolved with this release: [21386] Assertion in fork for distinct parent PID is incorrect [21609] x86-64: Align the stack in __tls_get_addr [21624] Unsafe alloca allows local attackers to alias stack and heap (CVE-2017-1000366) + [21654] nss: Fix invalid cast in group merging Version 2.24 diff --git a/grp/grp-merge.c b/grp/grp-merge.c index 50573b8986..5f79755798 100644 --- a/grp/grp-merge.c +++ b/grp/grp-merge.c @@ -137,7 +137,7 @@ __merge_grp (struct group *savedgrp, char *savedbuf, char *savedend, /* Get the count of group members from the last sizeof (size_t) bytes in the mergegrp buffer. */ - savedmemcount = (size_t) *(savedend - sizeof (size_t)); + savedmemcount = *(size_t *) (savedend - sizeof (size_t)); /* Get the count of new members to add. */ for (memcount = 0; mergegrp->gr_mem[memcount]; memcount++) |