This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH][BZ #16072] Fix stack overflow due to large AF_INET6 requests
- From: fche at redhat dot com (Frank Ch. Eigler)
- To: Siddhesh Poyarekar <siddhesh at redhat dot com>
- Cc: "Carlos O'Donell" <carlos at redhat dot com>, libc-alpha at sourceware dot org
- Date: Thu, 24 Oct 2013 17:51:35 -0400
- Subject: Re: [PATCH][BZ #16072] Fix stack overflow due to large AF_INET6 requests
- References: <20131022071550 dot GG11038 at spoyarek dot pnq dot redhat dot com> <20131022125104 dot GI11038 at spoyarek dot pnq dot redhat dot com> <52681C52 dot 4070509 at redhat dot com> <20131024025220 dot GM7401 at spoyarek dot pnq dot redhat dot com>
Siddhesh Poyarekar <siddhesh@redhat.com> writes:
> [...]
> This size is controlled by the size of the DNS response or the
> response generated from /etc/hosts. Unless an attacker has control of
> the DNS server (or access to modify /etc/hosts) [...]
But the CVEs were issued precisely because sometimes attackers have
control of a DNS zone. But the DoS worry (that the act of attempting
to allocate excessive memory harms the system) seems quite remote in
this case.
- FChE