This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Fix unbound stack use in NIS NSS module
- From: OndÅej BÃlka <neleai at seznam dot cz>
- To: Andreas Schwab <schwab at suse dot de>
- Cc: libc-alpha at sourceware dot org
- Date: Mon, 12 May 2014 14:09:52 +0200
- Subject: Re: [PATCH] Fix unbound stack use in NIS NSS module
- Authentication-results: sourceware.org; auth=none
- References: <mvmegzzxwat dot fsf at hawking dot suse dot de>
On Mon, May 12, 2014 at 09:58:50AM +0200, Andreas Schwab wrote:
> yp_match needs to put its request in a single RPC packet, so don't
> bother trying to support big items.
>
> Andreas.
>
> [BZ #16932]
> * nis/nss_nis/nis-hosts.c (internal_gethostbyname2_r)
> (_nss_nis_gethostbyname4_r): Return error if item length is larger
> than maximum RPC packet size.
> * nis/nss_nis/nis-initgroups.c (initgroups_netid): Likewise.
> * nis/nss_nis/nis-network.c (_nss_nis_getnetbyname_r): Likewise.
> * nis/nss_nis/nis-service.c (_nss_nis_getservbyname_r)
> (_nss_nis_getservbyport_r): Likewise.
> ---
A rationale of this patch is to prevent buffer overflow of subsequent
stack allocation.
This duplicates code a bit but I did not came with better solution so I am ok with that.