This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[COMMITTED 2.19] Don't ignore too long lines in nss_files (BZ #17079)
- From: Aurelien Jarno <aurelien at aurel32 dot net>
- To: libc-alpha at sourceware dot org
- Cc: Andreas Schwab <schwab at suse dot de>
- Date: Sun, 18 Oct 2015 23:03:02 +0200
- Subject: [COMMITTED 2.19] Don't ignore too long lines in nss_files (BZ #17079)
- Authentication-results: sourceware.org; auth=none
From: Andreas Schwab <schwab@suse.de>
(cherry picked from commit ac60763eac3d43b7234dd21286ad3ec3f17957fc)
Conflicts:
ChangeLog
NEWS
---
ChangeLog | 6 ++++++
NEWS | 4 ++--
nss/nss_files/files-XXX.c | 4 +++-
3 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 6aff2a2..815acf0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2014-06-23 Andreas Schwab <schwab@suse.de>
+
+ [BZ #17079]
+ * nss/nss_files/files-XXX.c (get_contents): Store overflow marker
+ before reading the next line.
+
2015-10-02 Andreas Schwab <schwab@suse.de>
* sysdeps/posix/getaddrinfo.c (gaih_inet): Advance address pointer
diff --git a/NEWS b/NEWS
index fb0fa3c..ed33f47 100644
--- a/NEWS
+++ b/NEWS
@@ -10,8 +10,8 @@ Version 2.19.1
* The following bugs are resolved with this release:
15946, 16545, 16574, 16623, 16657, 16695, 16743, 16878, 16882, 16885,
- 16916, 16932, 16943, 16958, 17048, 17069, 17137, 17153, 17213, 17263,
- 17325, 17555, 18287.
+ 16916, 16932, 16943, 16958, 17048, 17069, 17079, 17137, 17153, 17213,
+ 17263, 17325, 17555, 18287.
* A buffer overflow in gethostbyname_r and related functions performing DNS
requests has been fixed. If the NSS functions were called with a
diff --git a/nss/nss_files/files-XXX.c b/nss/nss_files/files-XXX.c
index 36242f9..d4cd95e 100644
--- a/nss/nss_files/files-XXX.c
+++ b/nss/nss_files/files-XXX.c
@@ -198,10 +198,12 @@ get_contents (char *linebuf, size_t len, FILE *stream)
{
int curlen = ((remaining_len > (size_t) INT_MAX) ? INT_MAX
: remaining_len);
- char *p = fgets_unlocked (curbuf, curlen, stream);
+ /* Terminate the line so that we can test for overflow. */
((unsigned char *) curbuf)[curlen - 1] = 0xff;
+ char *p = fgets_unlocked (curbuf, curlen, stream);
+
/* EOF or read error. */
if (p == NULL)
return gcr_error;
--
2.1.4