This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] CVE-2014-8121: Fix nss_files file management [BZ#18007]


On 04/01/2015 07:54 PM, Florian Weimer wrote:
> On 03/25/2015 06:47 AM, Siddhesh Poyarekar wrote:
>> On Mon, Mar 16, 2015 at 04:00:32PM +0100, Florian Weimer wrote:
>>> On 02/23/2015 12:42 PM, Florian Weimer wrote:
>>>> Robin Hack discovered that Samba would enter an infinite loop
>>>> when processing quota-related requests.  It turns out this is a
>>>> bug in the nss_files database.  Performing a lookup in the
>>>> middle of an iteration (say, getwuid between getpwent)
>>>> effectively resets the file pointer, so that the iteration
>>>> starts again from the beginning.
>>>>
>>>> Tested on x86_64-redhat-linux-gnu.  Okay to commit?
>>>
>>> Ping?
>>>
>>> Can we at least fix the most common instance of this bug?
>>
>> I agree.  Patch looks good to me.
> 
> Should I commit this in the interim, until we can get Andreas' more
> comprehensive patch reviewed?

I have committed this now.  After all, even with Andreas' patch, the
test case is still relevant.

-- 
Florian Weimer / Red Hat Product Security


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]