This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] CVE-2014-8121: Fix nss_files file management [BZ#18007]

From: Florian Weimer <fweimer at redhat dot com>
To: Andreas Schwab <schwab at suse dot de>
Cc: GNU C Library <libc-alpha at sourceware dot org>
Date: Mon, 23 Feb 2015 13:02:58 +0100
Subject: Re: [PATCH] CVE-2014-8121: Fix nss_files file management [BZ#18007]
Authentication-results: sourceware.org; auth=none
References: <54EB120A dot 1010202 at redhat dot com> <mvm7fv8hm71 dot fsf at hawking dot suse dot de>

On 02/23/2015 01:00 PM, Andreas Schwab wrote:
> Florian Weimer <fweimer@redhat.com> writes:
> 
>> Robin Hack discovered that Samba would enter an infinite loop when
>> processing quota-related requests.  It turns out this is a bug in the
>> nss_files database.  Performing a lookup in the middle of an iteration
>> (say, getwuid between getpwent) effectively resets the file pointer, so
>> that the iteration starts again from the beginning.
>>
>> Tested on x86_64-redhat-linux-gnu.  Okay to commit?
> 
> That doesn't fix the bug.  It still fails with a nis config.

Ugh, could you please elaborate?

-- 
Florian Weimer / Red Hat Product Security

Follow-Ups:
- Re: [PATCH] CVE-2014-8121: Fix nss_files file management [BZ#18007]
  - From: Andreas Schwab

References:
- [PATCH] CVE-2014-8121: Fix nss_files file management [BZ#18007]
  - From: Florian Weimer
- Re: [PATCH] CVE-2014-8121: Fix nss_files file management [BZ#18007]
  - From: Andreas Schwab

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]