pool/glibc
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 205248 from Base:System

Browse Source 
- getaddrinfo-overflow.patch: Fix stack overflow due to large AF_INET6
  requests (CVE-2013-4458, bnc#847227) (forwarded request 205246 from Andreas_Schwab)

OBS-URL: https://build.opensuse.org/request/show/205248
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/glibc?expand=0&rev=160
This commit is contained in:
Stephan Kulow 2013-10-31 15:02:57 +00:00 committed by Git OBS Bridge
commit ba33eaada6
7 changed files with 71 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
getaddrinfo-overflow.patch Normal file
View File

@ -0,0 +1,44 @@
2013-10-25 Siddhesh Poyarekar <siddhesh@redhat.com>
[BZ #16072]
* sysdeps/posix/getaddrinfo.c (gethosts): Allocate tmpbuf on
heap for large requests.
Index: glibc-2.18/sysdeps/posix/getaddrinfo.c
===================================================================
--- glibc-2.18.orig/sysdeps/posix/getaddrinfo.c
+++ glibc-2.18/sysdeps/posix/getaddrinfo.c
@@ -197,7 +197,22 @@ gaih_inet_serv (const char *servicename,
&rc, &herrno, NULL, &localcanon)); \
if (rc != ERANGE || herrno != NETDB_INTERNAL) \
break; \
- tmpbuf = extend_alloca (tmpbuf, tmpbuflen, 2 * tmpbuflen); \
+ if (!malloc_tmpbuf && __libc_use_alloca (alloca_used + 2 * tmpbuflen)) \
+ tmpbuf = extend_alloca_account (tmpbuf, tmpbuflen, 2 * tmpbuflen, \
+ alloca_used); \
+ else \
+ { \
+ char *newp = realloc (malloc_tmpbuf ? tmpbuf : NULL, \
+ 2 * tmpbuflen); \
+ if (newp == NULL) \
+ { \
+ result = -EAI_MEMORY; \
+ goto free_and_return; \
+ } \
+ tmpbuf = newp; \
+ malloc_tmpbuf = true; \
+ tmpbuflen = 2 * tmpbuflen; \
+ } \
} \
if (status == NSS_STATUS_SUCCESS && rc == 0) \
h = &th; \
@@ -209,7 +224,8 @@ gaih_inet_serv (const char *servicename,
{ \
__set_h_errno (herrno); \
_res.options |= old_res_options & RES_USE_INET6; \
- return -EAI_SYSTEM; \
+ result = -EAI_SYSTEM; \
+ goto free_and_return; \
} \
if (herrno == TRY_AGAIN) \
no_data = EAI_AGAIN; \

6
glibc-testsuite.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Oct 30 14:05:30 UTC 2013 - schwab@suse.de
- getaddrinfo-overflow.patch: Fix stack overflow due to large AF_INET6
requests (CVE-2013-4458, bnc#847227)
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Oct 21 12:14:38 UTC 2013 - schwab@suse.de Mon Oct 21 12:14:38 UTC 2013 - schwab@suse.de

3
glibc-testsuite.spec
View File

@ -250,6 +250,8 @@ Patch1000: fcntl-o-tmpfile.patch
Patch1001: malloc-overflows.patch Patch1001: malloc-overflows.patch
# PATCH-FIX-UPSTREAM m68k: Use PIC for Scrt1.o # PATCH-FIX-UPSTREAM m68k: Use PIC for Scrt1.o
Patch1002: m68k-Scrt1.patch Patch1002: m68k-Scrt1.patch
# PATCH-FIX-UPSTREAM Fix stack overflow due to large AF_INET6 requests (CVE-2013-4458)
Patch1003: getaddrinfo-overflow.patch
### ###
# Patches awaiting upstream approval # Patches awaiting upstream approval
@ -478,6 +480,7 @@ rm nscd/s-stamp
%patch1000 -p1 %patch1000 -p1
%patch1001 -p1 %patch1001 -p1
%patch1002 -p1 %patch1002 -p1
%patch1003 -p1
# XXX Disable, it breaks the testsuite, test elf/tst-audit2 # XXX Disable, it breaks the testsuite, test elf/tst-audit2
# %patch2008 -p1 # %patch2008 -p1

6
glibc-utils.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Oct 30 14:05:30 UTC 2013 - schwab@suse.de
- getaddrinfo-overflow.patch: Fix stack overflow due to large AF_INET6
requests (CVE-2013-4458, bnc#847227)
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Oct 21 12:14:38 UTC 2013 - schwab@suse.de Mon Oct 21 12:14:38 UTC 2013 - schwab@suse.de

3
glibc-utils.spec
View File

@ -249,6 +249,8 @@ Patch1000: fcntl-o-tmpfile.patch
Patch1001: malloc-overflows.patch Patch1001: malloc-overflows.patch
# PATCH-FIX-UPSTREAM m68k: Use PIC for Scrt1.o # PATCH-FIX-UPSTREAM m68k: Use PIC for Scrt1.o
Patch1002: m68k-Scrt1.patch Patch1002: m68k-Scrt1.patch
# PATCH-FIX-UPSTREAM Fix stack overflow due to large AF_INET6 requests (CVE-2013-4458)
Patch1003: getaddrinfo-overflow.patch
### ###
# Patches awaiting upstream approval # Patches awaiting upstream approval
@ -478,6 +480,7 @@ rm nscd/s-stamp
%patch1000 -p1 %patch1000 -p1
%patch1001 -p1 %patch1001 -p1
%patch1002 -p1 %patch1002 -p1
%patch1003 -p1
# XXX Disable, it breaks the testsuite, test elf/tst-audit2 # XXX Disable, it breaks the testsuite, test elf/tst-audit2
# %patch2008 -p1 # %patch2008 -p1

6
glibc.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Oct 30 14:05:30 UTC 2013 - schwab@suse.de
- getaddrinfo-overflow.patch: Fix stack overflow due to large AF_INET6
requests (CVE-2013-4458, bnc#847227)
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Oct 21 12:14:38 UTC 2013 - schwab@suse.de Mon Oct 21 12:14:38 UTC 2013 - schwab@suse.de

3
glibc.spec
View File

@ -250,6 +250,8 @@ Patch1000: fcntl-o-tmpfile.patch
Patch1001: malloc-overflows.patch Patch1001: malloc-overflows.patch
# PATCH-FIX-UPSTREAM m68k: Use PIC for Scrt1.o # PATCH-FIX-UPSTREAM m68k: Use PIC for Scrt1.o
Patch1002: m68k-Scrt1.patch Patch1002: m68k-Scrt1.patch
# PATCH-FIX-UPSTREAM Fix stack overflow due to large AF_INET6 requests (CVE-2013-4458)
Patch1003: getaddrinfo-overflow.patch
### ###
# Patches awaiting upstream approval # Patches awaiting upstream approval
@ -478,6 +480,7 @@ rm nscd/s-stamp
%patch1000 -p1 %patch1000 -p1
%patch1001 -p1 %patch1001 -p1
%patch1002 -p1 %patch1002 -p1
%patch1003 -p1
# XXX Disable, it breaks the testsuite, test elf/tst-audit2 # XXX Disable, it breaks the testsuite, test elf/tst-audit2
# %patch2008 -p1 # %patch2008 -p1