This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch release/2.20/master updated. glibc-2.20-14-gf80af76
- From: allan at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 18 Dec 2014 01:07:14 -0000
- Subject: GNU C Library master sources branch release/2.20/master updated. glibc-2.20-14-gf80af76
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, release/2.20/master has been updated
via f80af76648ed97a76745fad6caa3315a79cb1c7c (commit)
from a3a1f4163c4d0f9a36056c8640661a88674ae8a2 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=f80af76648ed97a76745fad6caa3315a79cb1c7c
commit f80af76648ed97a76745fad6caa3315a79cb1c7c
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon Dec 15 17:41:13 2014 +0100
Avoid infinite loop in nss_dns getnetbyname [BZ #17630]
(cherry picked from commit 11e3417af6e354f1942c68a271ae51e892b2814d)
(cherry picked from commit e54db0ea6a49affac43fa305fd134f3020c41382)
Conflicts:
NEWS
diff --git a/ChangeLog b/ChangeLog
index 88d2f1e..e416cd0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2014-12-16 Florian Weimer <fweimer@redhat.com>
+
+ [BZ #17630]
+ * resolv/nss_dns/dns-network.c (getanswer_r): Iterate over alias
+ names.
+
2014-12-15 Jeff Law <law@redhat.com>
[BZ #16617]
diff --git a/NEWS b/NEWS
index f6cdb66..9bc835c 100644
--- a/NEWS
+++ b/NEWS
@@ -9,7 +9,7 @@ Version 2.20.1
* The following bugs are resolved with this release:
- 16617, 17266, 17370, 17371, 17460, 17485, 17555, 17625.
+ 16617, 17266, 17370, 17371, 17460, 17485, 17555, 17625, 17630.
* CVE-2104-7817 The wordexp function could ignore the WRDE_NOCMD flag
under certain input conditions resulting in the execution of a shell for
@@ -18,7 +18,11 @@ Version 2.20.1
shell and returns the error WRDE_CMDSUB as expected.
* CVE-2012-3406 printf-style functions could run into a stack overflow when
- processing format strings with a large number of format specifiers.a
+ processing format strings with a large number of format specifiers.
+
+* CVE-2014-9402 The nss_dns implementation of getnetbyname could run into an
+ infinite loopif the DNS response contained a PTR record of an unexpected
+ format.
�
Version 2.20
diff --git a/resolv/nss_dns/dns-network.c b/resolv/nss_dns/dns-network.c
index 0a77c8b..08cf0a6 100644
--- a/resolv/nss_dns/dns-network.c
+++ b/resolv/nss_dns/dns-network.c
@@ -398,8 +398,8 @@ getanswer_r (const querybuf *answer, int anslen, struct netent *result,
case BYNAME:
{
- char **ap = result->n_aliases++;
- while (*ap != NULL)
+ char **ap;
+ for (ap = result->n_aliases; *ap != NULL; ++ap)
{
/* Check each alias name for being of the forms:
4.3.2.1.in-addr.arpa = net 1.2.3.4
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 6 ++++++
NEWS | 8 ++++++--
resolv/nss_dns/dns-network.c | 4 ++--
3 files changed, 14 insertions(+), 4 deletions(-)
hooks/post-receive
--
GNU C Library master sources