forked from pool/glibc
Accepting request 233621 from home:Andreas_Schwab:Factory
- nss-nis-stack-use.patch: fix unbound stack use in NIS NSS module (BZ #16932) OBS-URL: https://build.opensuse.org/request/show/233621 OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=365
This commit is contained in:
parent
cc8c150f76
commit
c0c9ae0337
@ -1,3 +1,9 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon May 12 13:22:40 UTC 2014 - schwab@suse.de
|
||||||
|
|
||||||
|
- nss-nis-stack-use.patch: fix unbound stack use in NIS NSS module (BZ
|
||||||
|
#16932)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed May 7 10:13:24 UTC 2014 - schwab@suse.de
|
Wed May 7 10:13:24 UTC 2014 - schwab@suse.de
|
||||||
|
|
||||||
|
@ -254,6 +254,8 @@ Patch1009: ibm-long-double-math.patch
|
|||||||
Patch1010: ibm-long-double-frexpl.patch
|
Patch1010: ibm-long-double-frexpl.patch
|
||||||
# PATCH-FIX-UPSTREAM Fix aarch64 setcontext clobbering alternate signal stack (BZ #16629)
|
# PATCH-FIX-UPSTREAM Fix aarch64 setcontext clobbering alternate signal stack (BZ #16629)
|
||||||
Patch1011: aarch64-setcontext.patch
|
Patch1011: aarch64-setcontext.patch
|
||||||
|
# PATCH-FIX-UPSTREAM Fix unbound stack use in NIS NSS module (BZ #16932)
|
||||||
|
Patch1012: nss-nis-stack-use.patch
|
||||||
|
|
||||||
###
|
###
|
||||||
# Patches awaiting upstream approval
|
# Patches awaiting upstream approval
|
||||||
@ -480,6 +482,7 @@ rm nscd/s-stamp
|
|||||||
%patch1009 -p1
|
%patch1009 -p1
|
||||||
%patch1010 -p1
|
%patch1010 -p1
|
||||||
%patch1011 -p1
|
%patch1011 -p1
|
||||||
|
%patch1012 -p1
|
||||||
|
|
||||||
%patch2000 -p1
|
%patch2000 -p1
|
||||||
%patch2001 -p1
|
%patch2001 -p1
|
||||||
|
@ -1,3 +1,9 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon May 12 13:22:40 UTC 2014 - schwab@suse.de
|
||||||
|
|
||||||
|
- nss-nis-stack-use.patch: fix unbound stack use in NIS NSS module (BZ
|
||||||
|
#16932)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed May 7 10:13:24 UTC 2014 - schwab@suse.de
|
Wed May 7 10:13:24 UTC 2014 - schwab@suse.de
|
||||||
|
|
||||||
|
@ -253,6 +253,8 @@ Patch1009: ibm-long-double-math.patch
|
|||||||
Patch1010: ibm-long-double-frexpl.patch
|
Patch1010: ibm-long-double-frexpl.patch
|
||||||
# PATCH-FIX-UPSTREAM Fix aarch64 setcontext clobbering alternate signal stack (BZ #16629)
|
# PATCH-FIX-UPSTREAM Fix aarch64 setcontext clobbering alternate signal stack (BZ #16629)
|
||||||
Patch1011: aarch64-setcontext.patch
|
Patch1011: aarch64-setcontext.patch
|
||||||
|
# PATCH-FIX-UPSTREAM Fix unbound stack use in NIS NSS module (BZ #16932)
|
||||||
|
Patch1012: nss-nis-stack-use.patch
|
||||||
|
|
||||||
###
|
###
|
||||||
# Patches awaiting upstream approval
|
# Patches awaiting upstream approval
|
||||||
@ -480,6 +482,7 @@ rm nscd/s-stamp
|
|||||||
%patch1009 -p1
|
%patch1009 -p1
|
||||||
%patch1010 -p1
|
%patch1010 -p1
|
||||||
%patch1011 -p1
|
%patch1011 -p1
|
||||||
|
%patch1012 -p1
|
||||||
|
|
||||||
%patch2000 -p1
|
%patch2000 -p1
|
||||||
%patch2001 -p1
|
%patch2001 -p1
|
||||||
|
@ -1,3 +1,9 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon May 12 13:22:40 UTC 2014 - schwab@suse.de
|
||||||
|
|
||||||
|
- nss-nis-stack-use.patch: fix unbound stack use in NIS NSS module (BZ
|
||||||
|
#16932)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed May 7 10:13:24 UTC 2014 - schwab@suse.de
|
Wed May 7 10:13:24 UTC 2014 - schwab@suse.de
|
||||||
|
|
||||||
|
@ -254,6 +254,8 @@ Patch1009: ibm-long-double-math.patch
|
|||||||
Patch1010: ibm-long-double-frexpl.patch
|
Patch1010: ibm-long-double-frexpl.patch
|
||||||
# PATCH-FIX-UPSTREAM Fix aarch64 setcontext clobbering alternate signal stack (BZ #16629)
|
# PATCH-FIX-UPSTREAM Fix aarch64 setcontext clobbering alternate signal stack (BZ #16629)
|
||||||
Patch1011: aarch64-setcontext.patch
|
Patch1011: aarch64-setcontext.patch
|
||||||
|
# PATCH-FIX-UPSTREAM Fix unbound stack use in NIS NSS module (BZ #16932)
|
||||||
|
Patch1012: nss-nis-stack-use.patch
|
||||||
|
|
||||||
###
|
###
|
||||||
# Patches awaiting upstream approval
|
# Patches awaiting upstream approval
|
||||||
@ -480,6 +482,7 @@ rm nscd/s-stamp
|
|||||||
%patch1009 -p1
|
%patch1009 -p1
|
||||||
%patch1010 -p1
|
%patch1010 -p1
|
||||||
%patch1011 -p1
|
%patch1011 -p1
|
||||||
|
%patch1012 -p1
|
||||||
|
|
||||||
%patch2000 -p1
|
%patch2000 -p1
|
||||||
%patch2001 -p1
|
%patch2001 -p1
|
||||||
|
111
nss-nis-stack-use.patch
Normal file
111
nss-nis-stack-use.patch
Normal file
@ -0,0 +1,111 @@
|
|||||||
|
2014-05-12 Andreas Schwab <schwab@suse.de>
|
||||||
|
|
||||||
|
[BZ #16932]
|
||||||
|
* nis/nss_nis/nis-hosts.c (internal_gethostbyname2_r)
|
||||||
|
(_nss_nis_gethostbyname4_r): Return error if item length is larger
|
||||||
|
than maximum RPC packet size.
|
||||||
|
* nis/nss_nis/nis-initgroups.c (initgroups_netid): Likewise.
|
||||||
|
* nis/nss_nis/nis-network.c (_nss_nis_getnetbyname_r): Likewise.
|
||||||
|
* nis/nss_nis/nis-service.c (_nss_nis_getservbyname_r)
|
||||||
|
(_nss_nis_getservbyport_r): Likewise.
|
||||||
|
|
||||||
|
Index: glibc-2.19/nis/nss_nis/nis-hosts.c
|
||||||
|
===================================================================
|
||||||
|
--- glibc-2.19.orig/nis/nss_nis/nis-hosts.c
|
||||||
|
+++ glibc-2.19/nis/nss_nis/nis-hosts.c
|
||||||
|
@@ -270,6 +270,13 @@ internal_gethostbyname2_r (const char *n
|
||||||
|
|
||||||
|
/* Convert name to lowercase. */
|
||||||
|
size_t namlen = strlen (name);
|
||||||
|
+ /* Limit name length to the maximum size of an RPC packet. */
|
||||||
|
+ if (namlen > UDPMSGSIZE)
|
||||||
|
+ {
|
||||||
|
+ *errnop = ERANGE;
|
||||||
|
+ return NSS_STATUS_UNAVAIL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
char name2[namlen + 1];
|
||||||
|
size_t i;
|
||||||
|
|
||||||
|
@@ -461,6 +468,13 @@ _nss_nis_gethostbyname4_r (const char *n
|
||||||
|
|
||||||
|
/* Convert name to lowercase. */
|
||||||
|
size_t namlen = strlen (name);
|
||||||
|
+ /* Limit name length to the maximum size of an RPC packet. */
|
||||||
|
+ if (namlen > UDPMSGSIZE)
|
||||||
|
+ {
|
||||||
|
+ *errnop = ERANGE;
|
||||||
|
+ return NSS_STATUS_UNAVAIL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
char name2[namlen + 1];
|
||||||
|
size_t i;
|
||||||
|
|
||||||
|
Index: glibc-2.19/nis/nss_nis/nis-initgroups.c
|
||||||
|
===================================================================
|
||||||
|
--- glibc-2.19.orig/nis/nss_nis/nis-initgroups.c
|
||||||
|
+++ glibc-2.19/nis/nss_nis/nis-initgroups.c
|
||||||
|
@@ -150,6 +150,13 @@ initgroups_netid (uid_t uid, gid_t group
|
||||||
|
gid_t **groupsp, long int limit, int *errnop,
|
||||||
|
const char *domainname)
|
||||||
|
{
|
||||||
|
+ /* Limit domainname length to the maximum size of an RPC packet. */
|
||||||
|
+ if (strlen (domainname) > UDPMSGSIZE)
|
||||||
|
+ {
|
||||||
|
+ *errnop = ERANGE;
|
||||||
|
+ return NSS_STATUS_UNAVAIL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/* Prepare the key. The form is "unix.UID@DOMAIN" with the UID and
|
||||||
|
DOMAIN field filled in appropriately. */
|
||||||
|
char key[sizeof ("unix.@") + sizeof (uid_t) * 3 + strlen (domainname)];
|
||||||
|
Index: glibc-2.19/nis/nss_nis/nis-network.c
|
||||||
|
===================================================================
|
||||||
|
--- glibc-2.19.orig/nis/nss_nis/nis-network.c
|
||||||
|
+++ glibc-2.19/nis/nss_nis/nis-network.c
|
||||||
|
@@ -179,6 +179,13 @@ _nss_nis_getnetbyname_r (const char *nam
|
||||||
|
|
||||||
|
/* Convert name to lowercase. */
|
||||||
|
size_t namlen = strlen (name);
|
||||||
|
+ /* Limit name length to the maximum size of an RPC packet. */
|
||||||
|
+ if (namlen > UDPMSGSIZE)
|
||||||
|
+ {
|
||||||
|
+ *errnop = ERANGE;
|
||||||
|
+ return NSS_STATUS_UNAVAIL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
char name2[namlen + 1];
|
||||||
|
size_t i;
|
||||||
|
|
||||||
|
Index: glibc-2.19/nis/nss_nis/nis-service.c
|
||||||
|
===================================================================
|
||||||
|
--- glibc-2.19.orig/nis/nss_nis/nis-service.c
|
||||||
|
+++ glibc-2.19/nis/nss_nis/nis-service.c
|
||||||
|
@@ -271,6 +271,13 @@ _nss_nis_getservbyname_r (const char *na
|
||||||
|
/* If the protocol is given, we could try if our NIS server knows
|
||||||
|
about services.byservicename map. If yes, we only need one query. */
|
||||||
|
size_t keylen = strlen (name) + (protocol ? 1 + strlen (protocol) : 0);
|
||||||
|
+ /* Limit key length to the maximum size of an RPC packet. */
|
||||||
|
+ if (keylen > UDPMSGSIZE)
|
||||||
|
+ {
|
||||||
|
+ *errnop = ERANGE;
|
||||||
|
+ return NSS_STATUS_UNAVAIL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
char key[keylen + 1];
|
||||||
|
|
||||||
|
/* key is: "name/proto" */
|
||||||
|
@@ -355,6 +362,13 @@ _nss_nis_getservbyport_r (int port, cons
|
||||||
|
Otherwise try first port/tcp, then port/udp and then fallback
|
||||||
|
to sequential scanning of services.byname. */
|
||||||
|
const char *proto = protocol != NULL ? protocol : "tcp";
|
||||||
|
+ /* Limit protocol name length to the maximum size of an RPC packet. */
|
||||||
|
+ if (strlen (proto) > UDPMSGSIZE)
|
||||||
|
+ {
|
||||||
|
+ *errnop = ERANGE;
|
||||||
|
+ return NSS_STATUS_UNAVAIL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
do
|
||||||
|
{
|
||||||
|
/* key is: "port/proto" */
|
Loading…
Reference in New Issue
Block a user