| Summary: | getgrouplist memory corruption (CVE-2005-3590) | ||
|---|---|---|---|
| Product: | glibc | Reporter: | Thorsten Kukuk <kukuk> |
| Component: | libc | Assignee: | GOTO Masanori <gotom> |
| Status: | RESOLVED FIXED | ||
| Severity: | critical | CC: | fweimer, glibc-bugs |
| Priority: | P2 | Flags: | fweimer:
security+
|
| Version: | 2.3.4 | ||
| Target Milestone: | --- | ||
| Host: | Target: | ||
| Build: | Last reconfirmed: | ||
| Bug Depends on: | |||
| Bug Blocks: | 724 | ||
| Attachments: | Patch to check for enough space | ||
|
Description
Thorsten Kukuk
2005-01-14 13:21:52 UTC
Created attachment 352 [details]
Patch to check for enough space
Subject: Bug 661 CVSROOT: /cvs/glibc Module name: libc Changes by: roland@sources.redhat.com 2005-03-29 23:39:59 Modified files: grp : initgroups.c Log message: 2005-03-29 Thorsten Kukuk <kukuk@suse.de> [BZ #661] * grp/initgroups.c (internal_getgrouplist): Check if we have enough space before adding the primary group to the list. Patches: http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/grp/initgroups.c.diff?cvsroot=glibc&r1=1.33&r2=1.34 Subject: Bug 661 CVSROOT: /cvs/glibc Module name: libc Branch: glibc-2_3-branch Changes by: roland@sources.redhat.com 2005-03-29 23:40:49 Modified files: grp : initgroups.c Log message: 2005-03-29 Thorsten Kukuk <kukuk@suse.de> [BZ #661] * grp/initgroups.c (internal_getgrouplist): Check if we have enough space before adding the primary group to the list. Patches: http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/grp/initgroups.c.diff?cvsroot=glibc&only_with_tag=glibc-2_3-branch&r1=1.33&r2=1.33.2.1 Now in both branches. Subject: Bug 661 CVSROOT: /cvs/glibc Module name: libc Changes by: drepper@sourceware.org 2006-08-03 15:25:19 Modified files: grp : initgroups.c Log message: (internal_getgrouplist): Remove unnecessary test introduced in patch for bz #661. (getgrouplist): Simplify code a bit. Patches: http://sourceware.org/cgi-bin/cvsweb.cgi/libc/grp/initgroups.c.diff?cvsroot=glibc&r1=1.34&r2=1.35 |