GNU C Library master sources branch master updated. glibc-2.28.9000-321-gd527c86

fw@sourceware.org fw@sourceware.org
Tue Nov 27 17:13:00 GMT 2018


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  d527c860f5a3f0ed687bd03f0cb464612dc23408 (commit)
      from  979cfed05d0ee5a9d81d310ea1eb2d590739e36b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=d527c860f5a3f0ed687bd03f0cb464612dc23408

commit d527c860f5a3f0ed687bd03f0cb464612dc23408
Author: Florian Weimer <fweimer@redhat.com>
Date:   Tue Nov 27 16:12:43 2018 +0100

    CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]

diff --git a/ChangeLog b/ChangeLog
index 9bf877e..086cbd4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2018-11-27  Florian Weimer  <fweimer@redhat.com>
+
+	[BZ #23927]
+	CVE-2018-19591
+	* sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex): Avoid
+	descriptor leak in case of ENODEV error.
+
 2018-11-27  Rafael Ávila de Espíndola  <rafael@espindo.la>
 
 	[BZ #19767]
diff --git a/NEWS b/NEWS
index f488821..1098be1 100644
--- a/NEWS
+++ b/NEWS
@@ -57,7 +57,9 @@ Changes to build and runtime requirements:
 
 Security related changes:
 
-  [Add security related changes here]
+  CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a
+  denial of service due to resource exhaustion when processing getaddrinfo
+  calls with crafted host names.  Reported by Guido Vranken.
 
 The following bugs are resolved with this release:
 
diff --git a/sysdeps/unix/sysv/linux/if_index.c b/sysdeps/unix/sysv/linux/if_index.c
index e3d0898..782fc5e 100644
--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
@@ -38,11 +38,6 @@ __if_nametoindex (const char *ifname)
   return 0;
 #else
   struct ifreq ifr;
-  int fd = __opensock ();
-
-  if (fd < 0)
-    return 0;
-
   if (strlen (ifname) >= IFNAMSIZ)
     {
       __set_errno (ENODEV);
@@ -50,6 +45,12 @@ __if_nametoindex (const char *ifname)
     }
 
   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+
+  int fd = __opensock ();
+
+  if (fd < 0)
+    return 0;
+
   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
     {
       int saved_errno = errno;

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                          |    7 +++++++
 NEWS                               |    4 +++-
 sysdeps/unix/sysv/linux/if_index.c |   11 ++++++-----
 3 files changed, 16 insertions(+), 6 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources



More information about the Glibc-cvs mailing list