This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch master updated. glibc-2.23-284-g8a03ccb
- From: fw at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 2 May 2016 14:08:24 -0000
- Subject: GNU C Library master sources branch master updated. glibc-2.23-284-g8a03ccb
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 8a03ccbb77f52ec4b55062eeedddb8daec1a33e4 (commit)
from 5018f16c6205404ba3aa7298dc8a3d45fbd46bfc (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=8a03ccbb77f52ec4b55062eeedddb8daec1a33e4
commit 8a03ccbb77f52ec4b55062eeedddb8daec1a33e4
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon May 2 16:04:32 2016 +0200
hesiod: Avoid heap overflow in get_txt_records [BZ #20031]
diff --git a/ChangeLog b/ChangeLog
index 1149fd3..d7044ea 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
2016-05-02 Florian Weimer <fweimer@redhat.com>
+ [BZ #20031]
+ * hesiod/hesiod.c (get_txt_records): Return error if TXT record is
+ completely empty.
+
+2016-05-02 Florian Weimer <fweimer@redhat.com>
+
[BZ #19573]
* hesiod/Makefile (libnss_hesiod-routines): Remove hesiod-init.
* hesiod/nss_hesiod/hesiod-init.c: Remove file.
diff --git a/hesiod/hesiod.c b/hesiod/hesiod.c
index 6ecbad1..c2925a0 100644
--- a/hesiod/hesiod.c
+++ b/hesiod/hesiod.c
@@ -398,7 +398,7 @@ get_txt_records(struct hesiod_p *ctx, int class, const char *name) {
cp += INT16SZ + INT32SZ; /* skip the ttl, too */
rr.dlen = ns_get16(cp);
cp += INT16SZ;
- if (cp + rr.dlen > eom) {
+ if (rr.dlen == 0 || cp + rr.dlen > eom) {
__set_errno(EMSGSIZE);
goto cleanup;
}
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 6 ++++++
hesiod/hesiod.c | 2 +-
2 files changed, 7 insertions(+), 1 deletions(-)
hooks/post-receive
--
GNU C Library master sources