From owner-freebsd-bugs@freebsd.org  Tue Jan 12 23:19:37 2016
Return-Path: <owner-freebsd-bugs@freebsd.org>
Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id AA8EFA804D7
 for <freebsd-bugs@mailman.ysv.freebsd.org>;
 Tue, 12 Jan 2016 23:19:37 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 9CB2A1977
 for <freebsd-bugs@FreeBSD.org>; Tue, 12 Jan 2016 23:19:37 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id u0CNJam0074755
 for <freebsd-bugs@FreeBSD.org>; Tue, 12 Jan 2016 23:19:37 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-bugs@FreeBSD.org
Subject: [Bug 206177] Out-of-bounds read in wcsncat(3)
Date: Tue, 12 Jan 2016 23:19:37 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: bin
X-Bugzilla-Version: 11.0-CURRENT
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: brooks@FreeBSD.org
X-Bugzilla-Status: Open
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: brooks@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: assigned_to bug_status cc
Message-ID: <bug-206177-8-6oStiXjQ1f@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-206177-8@https.bugs.freebsd.org/bugzilla/>
References: <bug-206177-8@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Jan 2016 23:19:37 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D206177

Brooks Davis <brooks@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|freebsd-bugs@FreeBSD.org    |brooks@FreeBSD.org
             Status|New                         |Open
                 CC|                            |brooks@FreeBSD.org

--- Comment #3 from Brooks Davis <brooks@FreeBSD.org> ---
Great catch!  I'll get this committed.

FYI, on CHERI we'll hit this for all buffers not just ones that back into an
unmapped page (our pointers have hardware enforced bounds checks).

--=20
You are receiving this mail because:
You are the assignee for the bug.=