This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch gentoo/2.23 updated. glibc-2.23-35-g48148b3
- From: vapier at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 12 Nov 2016 06:39:43 -0000
- Subject: GNU C Library master sources branch gentoo/2.23 updated. glibc-2.23-35-g48148b3
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, gentoo/2.23 has been updated
via 48148b3e5235ac0abe6e73d534e5454180f94be6 (commit)
from 0f9d26d14199e47e72d837dca429e3b5fd2276e7 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=48148b3e5235ac0abe6e73d534e5454180f94be6
commit 48148b3e5235ac0abe6e73d534e5454180f94be6
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon May 2 16:04:32 2016 +0200
hesiod: Avoid heap overflow in get_txt_records [BZ #20031]
(cherry picked from commit 8a03ccbb77f52ec4b55062eeedddb8daec1a33e4)
(cherry picked from commit 4c4b3cbb4638ec19de19c167d498e30fd67501ab)
diff --git a/hesiod/hesiod.c b/hesiod/hesiod.c
index 5b13b3f..98ddee3 100644
--- a/hesiod/hesiod.c
+++ b/hesiod/hesiod.c
@@ -411,7 +411,7 @@ get_txt_records(struct hesiod_p *ctx, int class, const char *name) {
cp += INT16SZ + INT32SZ; /* skip the ttl, too */
rr.dlen = ns_get16(cp);
cp += INT16SZ;
- if (cp + rr.dlen > eom) {
+ if (rr.dlen == 0 || cp + rr.dlen > eom) {
__set_errno(EMSGSIZE);
goto cleanup;
}
-----------------------------------------------------------------------
Summary of changes:
hesiod/hesiod.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
hooks/post-receive
--
GNU C Library master sources