This is the mail archive of the glibc-cvs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

GNU C Library master sources branch gentoo/2.23 updated. glibc-2.23-45-g742bcfa

From: vapier at sourceware dot org
To: glibc-cvs at sourceware dot org
Date: 12 Nov 2016 06:41:16 -0000
Subject: GNU C Library master sources branch gentoo/2.23 updated. glibc-2.23-45-g742bcfa

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, gentoo/2.23 has been updated
       via  742bcfaa70ea522406dd046adafefa933d29ca50 (commit)
      from  b7d81292bf651f176790011e83338a496dc9e778 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=742bcfaa70ea522406dd046adafefa933d29ca50

commit 742bcfaa70ea522406dd046adafefa933d29ca50
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed Apr 27 17:15:57 2016 +0200

    nss_dns: Skip over non-PTR records in the netent code [BZ #19868]
    
    This requires additional checks for the RDATA length and the
    availability of record metadata.
    
    (cherry picked from commit a12f9431b3808e78b9ed397e4fce7de69410d94d)
    (cherry picked from commit 1e5ac8a1daa360cd9632e5056e4bdf29e18ac2c7)

diff --git a/resolv/nss_dns/dns-network.c b/resolv/nss_dns/dns-network.c
index 8f301a7..ad6acff 100644
--- a/resolv/nss_dns/dns-network.c
+++ b/resolv/nss_dns/dns-network.c
@@ -345,10 +345,23 @@ getanswer_r (const querybuf *answer, int anslen, struct netent *result,
       if (n < 0 || res_dnok (bp) == 0)
 	break;
       cp += n;
+
+      if (end_of_message - cp < 10)
+	{
+	  __set_h_errno (NO_RECOVERY);
+	  return NSS_STATUS_UNAVAIL;
+	}
+
       GETSHORT (type, cp);
       GETSHORT (class, cp);
       cp += INT32SZ;		/* TTL */
-      GETSHORT (n, cp);
+      uint16_t rdatalen;
+      GETSHORT (rdatalen, cp);
+      if (end_of_message - cp < rdatalen)
+	{
+	  __set_h_errno (NO_RECOVERY);
+	  return NSS_STATUS_UNAVAIL;
+	}
 
       if (class == C_IN && type == T_PTR)
 	{
@@ -370,7 +383,7 @@ getanswer_r (const querybuf *answer, int anslen, struct netent *result,
 	      cp += n;
 	      return NSS_STATUS_UNAVAIL;
 	    }
-	  cp += n;
+	  cp += rdatalen;
          if (alias_pointer + 2 < &net_data->aliases[MAX_NR_ALIASES])
            {
              *alias_pointer++ = bp;
@@ -381,6 +394,9 @@ getanswer_r (const querybuf *answer, int anslen, struct netent *result,
              ++have_answer;
            }
 	}
+      else
+	/* Skip over unknown record data.  */
+	cp += rdatalen;
     }
 
   if (have_answer)

-----------------------------------------------------------------------

Summary of changes:
 resolv/nss_dns/dns-network.c |   20 ++++++++++++++++++--
 1 files changed, 18 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]