+++ This bug was initially created as a clone of Bug #16071 +++
Adding a large number of IPv6 entries for a host in /etc/hosts and then querying it results in a segmentation fault.
Steps to Reproduce:
1. Create 50K '127.0.0.1 host-fubar' entries, and 50K '::1 host-fubar' entries in '/etc/hosts'.
2. Call getaddrinfo for 'node' = "host-fubar", no 'flags' set, and AF_INET in 'hints->ai_family'.
Patch coming up.
This has been assigned CVE-2013-4458.
Fixed in master:

Author: Siddhesh Poyarekar <firstname.lastname@example.org>
Date: Fri Oct 25 10:22:12 2013 +0530

Fix stack overflow due to large AF_INET6 requests

Resolves #16072 (CVE-2013-4458).

This patch fixes another stack overflow in getaddrinfo when it is
called with AF_INET6. The AF_UNSPEC case was fixed as CVE-2013-1914,
but the AF_INET6 case went undetected back then.

ChangeLog | 6 ++++++
NEWS | 5 ++++-
sysdeps/posix/getaddrinfo.c | 20 ++++++++++++++++++--
3 files changed, 28 insertions(+), 3 deletions(-)
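
An audit for the trigger condition described in the report above (a very large number of address lines for a single host name in '/etc/hosts'), as an added example that is not part of the bug report or of the glibc fix. The function names, the sample data and the default threshold are assumptions made for this sketch.

```python
import ipaddress
from collections import Counter

# Constructed sample in /etc/hosts format (not data from the bug report).
SAMPLE_HOSTS = """\
# comment line
127.0.0.1   localhost
::1         localhost ip6-localhost
127.0.0.1   host-fubar
127.0.0.1   host-fubar   # duplicate line
::1         host-fubar
::1         host-fubar
::1         HOST-FUBAR
not-an-ip   ignored
"""


def count_entries(hosts_text):
    """Count address lines per (host name, address family)."""
    counts = Counter()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments
        if len(fields) < 2:
            continue
        try:
            # Strip an IPv6 zone id (fe80::1%eth0) before parsing.
            addr = ipaddress.ip_address(fields[0].split("%", 1)[0])
        except ValueError:
            continue                              # not an address line
        family = "AF_INET6" if addr.version == 6 else "AF_INET"
        # Names are case-insensitive; count each name once per line.
        for name in {n.lower() for n in fields[1:]}:
            counts[(name, family)] += 1
    return counts


def flag_heavy_names(hosts_text, threshold=1000):
    """Return sorted (name, family, count) with count >= threshold.

    The default threshold is an assumed review limit, not a value
    taken from the report or from glibc.
    """
    counts = count_entries(hosts_text)
    return sorted((n, f, c) for (n, f), c in counts.items() if c >= threshold)


if __name__ == "__main__":
    with open("/etc/hosts", encoding="utf-8", errors="replace") as fh:
        for name, family, count in flag_heavy_names(fh.read()):
            print(f"{name}: {count} {family} lines")
```

Counts are kept per address family because the report and the commit message name specific families (AF_INET, AF_INET6) in the failing requests.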