Submit #84970: GNU C Library (glibc) gmon allocated buffer overflow (Info)

Title: GNU C Library (glibc) gmon allocated buffer overflow

Description: The call graph monitor (gmon) has a buffer overflow flaw. Rounding up is missing when calculating the required size of the internal buffer. It results in writing beyond the allocated buffer when an added call-graph arc address is near the end of the monitored address range. This flaw is minor and nonhazardous since it takes effect only if the call graph monitor is activated, i.e. when local profiling is performed. However, this bug is quite unpleasant for the developer, as it can distort profiling results (run-to-run with ASLR) and lead to memory corruption. It is this issue that is the cause of many heisenbugs noticed when using gprof (GNU Profiler) and gcov (GNU coverage testing tool).

Source: https://sourceware.org/bugzilla/show_bug.cgi?id=29444

User: erthink (ID 40381)

Submission: 2023-02-06 18:26 (1 Year ago)

Moderation: 2023-02-06 19:56 (2 hours later)

Status: Accepted

VulDB Entry: 220246
