Accepting request 346999 from home:tsaupe:branches:Base:System:bsc956712-systemd

fix CVE-2015-7510: Stack overflow in nss-mymachines (boo#956712) OBS-URL: https://build.opensuse.org/request/show/346999 OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=921
2015-12-02 15:48:26 +00:00 · 2015-12-02 15:48:26 +00:00 · 2e1f7c4ae0
commit 2e1f7c4ae0
parent 3a9ea8f8a3
5 changed files with 55 additions and 0 deletions
--- a/0001-nss-mymachines-do-not-allow-overlong-machine-names.patch
+++ b/0001-nss-mymachines-do-not-allow-overlong-machine-names.patch
@ -0,0 +1,37 @@
 From cb31827d62066a04b02111df3052949fda4b6888 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
 Date: Mon, 23 Nov 2015 13:59:43 -0500
 Subject: [PATCH] nss-mymachines: do not allow overlong machine names
 https://github.com/systemd/systemd/issues/2002
 ---
 src/nss-mymachines/nss-mymachines.c | 6 ++++++
 1 file changed, 6 insertions(+)
 diff --git a/src/nss-mymachines/nss-mymachines.c b/src/nss-mymachines/nss-mymachines.c
 index 969fa96..c98a959 100644
 --- a/src/nss-mymachines/nss-mymachines.c
 +++ b/src/nss-mymachines/nss-mymachines.c
@@ -416,6 +416,9 @@ enum nss_status _nss_mymachines_getpwnam_r(
         if (!e || e == p)
                 goto not_found;
 +        if (e - p > HOST_NAME_MAX - 1) /* -1 for the last dash */
 +                goto not_found;
 +
         r = parse_uid(e + 1, &uid);
         if (r < 0)
                 goto not_found;
@@ -573,6 +576,9 @@ enum nss_status _nss_mymachines_getgrnam_r(
         if (!e || e == p)
                 goto not_found;
 +        if (e - p > HOST_NAME_MAX - 1)  /* -1 for the last dash */
 +                goto not_found;
 +
         r = parse_gid(e + 1, &gid);
         if (r < 0)
                 goto not_found;
 -- 
 2.1.4
--- a/systemd-mini.changes
+++ b/systemd-mini.changes
@ -1,3 +1,9 @@
 -------------------------------------------------------------------
 Mon Nov 30 13:59:52 UTC 2015 - thomas.blume@suse.com
 - fix CVE-2015-7510: Stack overflow in nss-mymachines (boo#956712)
  Add 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch
 -------------------------------------------------------------------
 Wed Nov 18 14:17:05 UTC 2015 - jengelh@inai.de
--- a/systemd-mini.spec
+++ b/systemd-mini.spec
@ -245,6 +245,8 @@ Patch521:       kbd-model-map.patch
 Patch522:       Correct_assert_on_unexpected_error_code.patch
 # PATCH-FIX-SUSE Do not stress the kernel's vc ioctls (boo#904214)
 Patch523:       let-vconsole-setup-get-properties-only-once-to-copy-them.patch
 # PATCH-FIX-UPSTREAM (bsc#956712)
 Patch524:       0001-nss-mymachines-do-not-allow-overlong-machine-names.patch
 # UDEV PATCHES
 # ============
@ -582,6 +584,7 @@ cp %{SOURCE7} m4/
 %patch521 -p1
 %patch522 -p1
 %patch523 -p0
 %patch524 -p1
 # udev patches
 %patch1002 -p1
--- a/systemd.changes
+++ b/systemd.changes
@ -1,3 +1,9 @@
 -------------------------------------------------------------------
 Mon Nov 30 13:59:52 UTC 2015 - thomas.blume@suse.com
 - fix CVE-2015-7510: Stack overflow in nss-mymachines (boo#956712)
  Add 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch
 -------------------------------------------------------------------
 Wed Nov 18 14:17:05 UTC 2015 - jengelh@inai.de
--- a/systemd.spec
+++ b/systemd.spec
@ -240,6 +240,8 @@ Patch521:       kbd-model-map.patch
 Patch522:       Correct_assert_on_unexpected_error_code.patch
 # PATCH-FIX-SUSE Do not stress the kernel's vc ioctls (boo#904214)
 Patch523:       let-vconsole-setup-get-properties-only-once-to-copy-them.patch
 # PATCH-FIX-UPSTREAM (bsc#956712)
 Patch524:       0001-nss-mymachines-do-not-allow-overlong-machine-names.patch
 # UDEV PATCHES
 # ============
@ -577,6 +579,7 @@ cp %{SOURCE7} m4/
 %patch521 -p1
 %patch522 -p1
 %patch523 -p0
 %patch524 -p1
 # udev patches
 %patch1002 -p1