From d0ecab50fd9041109b53403703cc266b345fcdcfd88aad9c12f57fce6ad8bf25 Mon Sep 17 00:00:00 2001
From: Andreas Schwab
Date: Wed, 28 Nov 2018 13:22:17 +0000
Subject: [PATCH] Accepting request 652421 from home:Andreas_Schwab:Factory

- if-nametoindex-descr-leak.patch: if_nametoindex: Fix descriptor leak for overlong name (CVE-2018-19591, BZ #23927, bsc#1117603)
OBS-URL: https://build.opensuse.org/request/show/652421
OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=514
---
 glibc.changes | 6 ++++++
 glibc.spec | 3 +++
 if-nametoindex-descr-leak.patch | 36 +++++++++++++++++++++++++++++++++
 3 files changed, 45 insertions(+)
 create mode 100644 if-nametoindex-descr-leak.patch

diff --git a/glibc.changes b/glibc.changes
index 13d8bd5..76f7998 100644
--- a/glibc.changes
+++ b/glibc.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed Nov 28 09:52:49 UTC 2018 - schwab@suse.de
+
+- if-nametoindex-descr-leak.patch: if_nametoindex: Fix descriptor leak for
+ overlong name (CVE-2018-19591, BZ #23927, bsc#1117603)
+
 -------------------------------------------------------------------
 Wed Nov 7 17:24:35 UTC 2018 - Jan Engelhardt
 
diff --git a/glibc.spec b/glibc.spec
index 1143858..1716d29 100644
--- a/glibc.spec
+++ b/glibc.spec
@@ -290,6 +290,8 @@ Patch1008: strstr-huge-needle.patch
 Patch1009: pthread-mutex-lock-elision-race.patch
 # PATCH-FIX-UPSTREAM x86: Fix Haswell CPU string flags (BZ #23709)
 Patch1010: x86-haswell-string-flags.patch
+# PATCH-FIX-UPSTREAM if_nametoindex: Fix descriptor leak for overlong name (CVE-2018-19591, BZ #23927)
+Patch1011: if-nametoindex-descr-leak.patch
 
 ###
 # Patches awaiting upstream approval
@@ -510,6 +512,7 @@ makedb: A program to create a database for nss
 %patch1008 -p1
 %patch1009 -p1
 %patch1010 -p1
+%patch1011 -p1
 
 %patch2000 -p1
 %patch2004 -p1
diff --git a/if-nametoindex-descr-leak.patch b/if-nametoindex-descr-leak.patch
new file mode 100644
index 0000000..66e2d01
--- /dev/null
+++ b/if-nametoindex-descr-leak.patch
@@ -0,0 +1,36 @@
+2018-11-27 Florian Weimer
+
+ [BZ #23927]
+ CVE-2018-19591
+ * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex): Avoid
+ descriptor leak in case of ENODEV error.
+
+Index: glibc-2.28/sysdeps/unix/sysv/linux/if_index.c
+===================================================================
+--- glibc-2.28.orig/sysdeps/unix/sysv/linux/if_index.c
++++ glibc-2.28/sysdeps/unix/sysv/linux/if_index.c
+@@ -38,11 +38,6 @@ __if_nametoindex (const char *ifname)
+ return 0;
+ #else
+ struct ifreq ifr;
+- int fd = __opensock ();
+-
+- if (fd < 0)
+- return 0;
+-
+ if (strlen (ifname) >= IFNAMSIZ)
+ {
+ __set_errno (ENODEV);
+@@ -50,6 +45,12 @@ __if_nametoindex (const char *ifname)
+ }
+
+ strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
++
++ int fd = __opensock ();
++
++ if (fd < 0)
++ return 0;
++
+ if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+ {
+ int saved_errno = errno;
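Review bot: The reordered body of __if_nametoindex carries no comment saying that `__opensock ()` must stay below the `strlen (ifname) >= IFNAMSIZ` check, so a later cleanup could hoist the socket open again and reintroduce the leak on the ENODEV return. I would add, above the new `int fd = __opensock ();`, a comment such as `/* Open the socket only after IFNAME has been validated: the ENODEV return above must not own a descriptor.  */`, and mention there that the same length check is what guarantees the `strncpy` into `ifr.ifr_name` leaves it NUL-terminated. A regression test that calls if_nametoindex with an overlong name repeatedly and checks that the number of open descriptors does not grow would keep the fix pinned, since a per-call leak lets a caller-supplied name exhaust the process's descriptors. The function starts before and continues past both inner hunks, so the close on the ioctl error path is not visible here.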