Wind River Support Network


LIN6-14198 : calloc() returns non-zero'ed memory

Created: Jan 18, 2018    Updated: Dec 3, 2018
Resolved Date: Apr 13, 2018
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Toolchain


We encountered an application crash because the memory area returned by calloc() was not filled with zeros.

The same problem was reported in the glibc community:

  - Bug 1293976 - CVE-2015-5229 glibc: calloc() returns non-zero'ed memory [rhel-7.3.0]

CVE-2015-5229 was once discussed and concluded to be Not Applicable:

  - LIN6-10966: Security Advisory - glibc - CVE-2015-5229

However, the problematic code mentioned in Bug 1293976 was introduced after that:

  - LIN6-13118: WRlinux6 RCPL33 glibc change introduce null pointer memory access

I think the straightforward way to fix this issue is to backport the following commit:

  - Simplify perturb_byte logic. (commit e8349efd466cfedc0aa98be61d88ca8795c9e565)
