Subject: Re: [Boost-bugs] [Boost C++ Libraries] #6528: Potential vulnerability in programs recompiled for 64-bit platforms
From: Boost C++ Libraries (noreply_at_[hidden])
Date: 2012-02-07 08:45:48
#6528: Potential vulnerability in programs recompiled for 64-bit platforms
-------------------------------------+--------------------------------------
Reporter: econometrics@… | Owner: jsiek
Type: Bugs | Status: new
Milestone: To Be Determined | Component: dynamic_bitset
Version: Boost 1.38.0 | Severity: Problem
Resolution: | Keywords: Vulnerability, 64-bit, overflow
-------------------------------------+--------------------------------------
Comment (by anonymous):
I mean if you have written a code on 32-bit and are working directly with
m_bits, with the default dynamic_bitset<> you may suppose that m_bits is
an array of 4byte unsigned ints. But on the 64-bit m_bits.size() is
already twice lower! m_bits[index] is very likely to generate segfault in
this case. That is, the same code produces different results on 32-bit and
64-bit and the 64-bit one is vulnerable.
There is nothing to do with the
{{{
maximum size of a dynamic_bitset
}}}
-- Ticket URL: <https://svn.boost.org/trac/boost/ticket/6528#comment:2> Boost C++ Libraries <http://www.boost.org/> Boost provides free peer-reviewed portable C++ source libraries.
This archive was generated by hypermail 2.1.7 : 2017-02-16 18:50:08 UTC