This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch master updated. glibc-2.28.9000-321-gd527c86
- From: fw at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 27 Nov 2018 17:13:16 -0000
- Subject: GNU C Library master sources branch master updated. glibc-2.28.9000-321-gd527c86
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via d527c860f5a3f0ed687bd03f0cb464612dc23408 (commit)
from 979cfed05d0ee5a9d81d310ea1eb2d590739e36b (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=d527c860f5a3f0ed687bd03f0cb464612dc23408
commit d527c860f5a3f0ed687bd03f0cb464612dc23408
Author: Florian Weimer <fweimer@redhat.com>
Date: Tue Nov 27 16:12:43 2018 +0100
CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]
diff --git a/ChangeLog b/ChangeLog
index 9bf877e..086cbd4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2018-11-27 Florian Weimer <fweimer@redhat.com>
+
+ [BZ #23927]
+ CVE-2018-19591
+ * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex): Avoid
+ descriptor leak in case of ENODEV error.
+
2018-11-27 Rafael Ã?vila de EspÃndola <rafael@espindo.la>
[BZ #19767]
diff --git a/NEWS b/NEWS
index f488821..1098be1 100644
--- a/NEWS
+++ b/NEWS
@@ -57,7 +57,9 @@ Changes to build and runtime requirements:
Security related changes:
- [Add security related changes here]
+ CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a
+ denial of service due to resource exhaustion when processing getaddrinfo
+ calls with crafted host names. Reported by Guido Vranken.
The following bugs are resolved with this release:
diff --git a/sysdeps/unix/sysv/linux/if_index.c b/sysdeps/unix/sysv/linux/if_index.c
index e3d0898..782fc5e 100644
--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
@@ -38,11 +38,6 @@ __if_nametoindex (const char *ifname)
return 0;
#else
struct ifreq ifr;
- int fd = __opensock ();
-
- if (fd < 0)
- return 0;
-
if (strlen (ifname) >= IFNAMSIZ)
{
__set_errno (ENODEV);
@@ -50,6 +45,12 @@ __if_nametoindex (const char *ifname)
}
strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+
+ int fd = __opensock ();
+
+ if (fd < 0)
+ return 0;
+
if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
{
int saved_errno = errno;
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 7 +++++++
NEWS | 4 +++-
sysdeps/unix/sysv/linux/if_index.c | 11 ++++++-----
3 files changed, 16 insertions(+), 6 deletions(-)
hooks/post-receive
--
GNU C Library master sources