diff options
author | Michael Olbrich <m.olbrich@pengutronix.de> | 2015-07-06 10:04:07 +0200 |
---|---|---|
committer | Michael Olbrich <m.olbrich@pengutronix.de> | 2015-07-06 10:04:07 +0200 |
commit | 72dd7f1877da221bbe328731b65851cb5f56ec4b (patch) | |
tree | d9d558d9554c1442316dcdf14f36e12fb2a1fc91 /patches/glibc-2.20/0006-CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch | |
parent | 61da94e6331800a0dc42a6a1bc996cc33ab290b2 (diff) | |
download | OSELAS.Toolchain-72dd7f1877da221bbe328731b65851cb5f56ec4b.tar.gz OSELAS.Toolchain-72dd7f1877da221bbe328731b65851cb5f56ec4b.tar.xz |
glibc: add more security fixes
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Diffstat (limited to 'patches/glibc-2.20/0006-CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch')
-rw-r--r-- | patches/glibc-2.20/0006-CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/patches/glibc-2.20/0006-CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch b/patches/glibc-2.20/0006-CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch new file mode 100644 index 0000000..3c035a4 --- /dev/null +++ b/patches/glibc-2.20/0006-CVE-2015-1781-resolv-nss_dns-dns-host.c-buffer-overf.patch @@ -0,0 +1,23 @@ +From: Arjun Shankar <arjun.is@lostca.se> +Date: Tue, 21 Apr 2015 14:06:31 +0200 +Subject: [PATCH] CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflow + [BZ#18287] + +--- + resolv/nss_dns/dns-host.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c +index 3258e709d20c..ed997030331c 100644 +--- a/resolv/nss_dns/dns-host.c ++++ b/resolv/nss_dns/dns-host.c +@@ -615,7 +615,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype, + int have_to_map = 0; + uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data); + buffer += pad; +- if (__glibc_unlikely (buflen < sizeof (struct host_data) + pad)) ++ buflen = buflen > pad ? buflen - pad : 0; ++ if (__glibc_unlikely (buflen < sizeof (struct host_data))) + { + /* The buffer is too small. */ + too_small: |