buildroot/package/glibc/2.22/0001-fix-CVE-2015-7547.patch
Gustavo ZacariasGustavo Zacarias committed 7b10101b6f617 Feb 2016
1
Fetched from gentoo glibc patchball
2
Original patch filename: 10_all_glibc-CVE-2015-7547.patch
3
Based on: https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
4
​
5
Fixes:
6
CVE-2015-7547 - glibc getaddrinfo stack-based buffer overflow.
7
​
8
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
9
​
10
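--- a/resolv/nss_dns/dns-host.c
+++ b/resolv/nss_dns/dns-host.c
@@ -1031,7 +1031,10 @@ gaih_getanswer_slice (const querybuf *answer, int anslen, const char *qname,
   int h_namelen = 0;
 
   if (ancount == 0)
-    return NSS_STATUS_NOTFOUND;
+    {
+      *h_errnop = HOST_NOT_FOUND;
+      return NSS_STATUS_NOTFOUND;
+    }
 
   while (ancount-- > 0 && cp < end_of_message && had_error == 0)
     {
@@ -1208,7 +1211,14 @@ gaih_getanswer_slice (const querybuf *answer, int anslen, const char *qname,
   /* Special case here: if the resolver sent a result but it only
      contains a CNAME while we are looking for a T_A or T_AAAA record,
      we fail with NOTFOUND instead of TRYAGAIN.  */
-  return canon == NULL ? NSS_STATUS_TRYAGAIN : NSS_STATUS_NOTFOUND;
+  if (canon != NULL)
+    {
+      *h_errnop = HOST_NOT_FOUND;
+      return NSS_STATUS_NOTFOUND;
+    }
+
+  *h_errnop = NETDB_INTERNAL;
+  return NSS_STATUS_TRYAGAIN;
 }
 
 
@@ -1242,8 +1252,15 @@ gaih_getanswer (const querybuf *answer1, int anslen1, const querybuf *answer2,
                             &pat, &buffer, &buflen,
                             errnop, h_errnop, ttlp,
                             &first);
+      /* Use the second response status in some cases.  */
       if (status != NSS_STATUS_SUCCESS && status2 != NSS_STATUS_NOTFOUND)
    status = status2;
+      /* Do not return a truncated second response (unless it was
+         unavoidable e.g. unrecoverable TRYAGAIN).  */
+      if (status == NSS_STATUS_SUCCESS
+     && (status2 == NSS_STATUS_TRYAGAIN
+         && *errnop == ERANGE && *h_errnop != NO_RECOVERY))
+   status = NSS_STATUS_TRYAGAIN;
     }
 
   return status;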
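Review bot: The truncation check added in gaih_getanswer tests `*errnop == ERANGE`, but the TRYAGAIN fall-through added at the end of gaih_getanswer_slice writes only `*h_errnop = NETDB_INTERNAL`, so as far as these hunks show the errno value being tested may be left over from an earlier step rather than set by the second slice call. If that path can never leave ERANGE behind, a comment above the check should say so, for example `/* ERANGE here can only come from the second slice running out of caller buffer. */`; otherwise the fall-through should set `*errnop` explicitly. Both functions begin outside the visible hunks, so this needs confirming against the full bodies.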
56
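--- a/resolv/res_query.c
+++ b/resolv/res_query.c
@@ -396,6 +396,7 @@ __libc_res_nsearch(res_state statp,
          {
            free (*answerp2);
            *answerp2 = NULL;
+           *nanswerp2 = 0;
            *answerp2_malloced = 0;
          }
    }
@@ -447,6 +448,7 @@ __libc_res_nsearch(res_state statp,
              {
                free (*answerp2);
                *answerp2 = NULL;
+               *nanswerp2 = 0;
                *answerp2_malloced = 0;
              }
 
@@ -521,6 +523,7 @@ __libc_res_nsearch(res_state statp,
      {
        free (*answerp2);
        *answerp2 = NULL;
+       *nanswerp2 = 0;
        *answerp2_malloced = 0;
      }
    if (saved_herrno != -1)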
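Review bot: The same four-statement reset (free, `*answerp2 = NULL`, `*nanswerp2 = 0`, `*answerp2_malloced = 0`) now appears at three places in __libc_res_nsearch, and this commit had to add the length reset at all three, so the invariant is easy to break again by hand. A small static helper, or at least a comment at each site such as `/* Pointer, length and ownership flag must be reset together; a stale length with a NULL buffer misleads the caller. */`, would keep a later edit from dropping one field. The conditions guarding these blocks lie outside the hunks, so whether `nanswerp2` is always non-NULL on these paths cannot be confirmed from this page.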
82
--- a/resolv/res_send.c
83
+++ b/resolv/res_send.c
84
@@ -639,11 +639,7 @@ send_vc(res_state statp,
85
 {
86
    const HEADER *hp = (HEADER *) buf;
87
    const HEADER *hp2 = (HEADER *) buf2;
88
-   u_char *ans = *ansp;
89
-   int orig_anssizp = *anssizp;
90
-   // XXX REMOVE
91
-   // int anssiz = *anssizp;
92
-   HEADER *anhp = (HEADER *) ans;