This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch master updated. glibc-2.17-500-g5b535ac
- From: schwab at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 3 Apr 2013 15:57:27 -0000
- Subject: GNU C Library master sources branch master updated. glibc-2.17-500-g5b535ac
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 5b535ac41945fa369a5f641acdeb0d7eadf4668e (commit)
via 1cef1b19089528db11f221e938f60b9b048945d7 (commit)
from 74d87055bfeb31ea37bc2356d88c065c612e1c0e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=5b535ac41945fa369a5f641acdeb0d7eadf4668e
commit 5b535ac41945fa369a5f641acdeb0d7eadf4668e
Author: Andreas Schwab <schwab@suse.de>
Date: Wed Apr 3 17:53:57 2013 +0200
Update NEWS
diff --git a/NEWS b/NEWS
index 8ecb2ee..513c185 100644
--- a/NEWS
+++ b/NEWS
@@ -15,6 +15,9 @@ Version 2.18
15160, 15214, 15232, 15234, 15283, 15285, 15287, 15304, 15305, 15307,
15327, 15330.
+* CVE-2013-0242 Buffer overrun in regexp matcher has been fixed (Bugzilla
+ #15078).
+
* CVE-2013-1914 Stack overflow in getaddrinfo with many results has been
fixed (Bugzilla #15330).
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=1cef1b19089528db11f221e938f60b9b048945d7
commit 1cef1b19089528db11f221e938f60b9b048945d7
Author: Andreas Schwab <schwab@suse.de>
Date: Thu Mar 21 15:50:27 2013 +0100
Fix stack overflow in getaddrinfo with many results
diff --git a/ChangeLog b/ChangeLog
index 3046d2e..deebea4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2013-04-03 Andreas Schwab <schwab@suse.de>
+
+ [BZ #15330]
+ * sysdeps/posix/getaddrinfo.c (getaddrinfo): Allocate results and
+ order arrays from heap if bigger than alloca cutoff.
+
2013-04-03 Thomas Schwinge <thomas@codesourcery.com>
* sysdeps/i386/fpu/math-tests.h (SNAN_TESTS_float)
diff --git a/NEWS b/NEWS
index 7718a0a..8ecb2ee 100644
--- a/NEWS
+++ b/NEWS
@@ -13,7 +13,10 @@ Version 2.18
14317, 14327, 14496, 14812, 14920, 14964, 14981, 14982, 14985, 14994,
14996, 15003, 15006, 15020, 15023, 15036, 15054, 15055, 15062, 15078,
15160, 15214, 15232, 15234, 15283, 15285, 15287, 15304, 15305, 15307,
- 15327.
+ 15327, 15330.
+
+* CVE-2013-1914 Stack overflow in getaddrinfo with many results has been
+ fixed (Bugzilla #15330).
* Add support for calling C++11 thread_local object destructors on thread
and program exit. This needs compiler support for offloading C++11
diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
index d95c2d1..2309281 100644
--- a/sysdeps/posix/getaddrinfo.c
+++ b/sysdeps/posix/getaddrinfo.c
@@ -2489,11 +2489,27 @@ getaddrinfo (const char *name, const char *service,
__typeof (once) old_once = once;
__libc_once (once, gaiconf_init);
/* Sort results according to RFC 3484. */
- struct sort_result results[nresults];
- size_t order[nresults];
+ struct sort_result *results;
+ size_t *order;
struct addrinfo *q;
struct addrinfo *last = NULL;
char *canonname = NULL;
+ bool malloc_results;
+
+ malloc_results
+ = !__libc_use_alloca (nresults * (sizeof (*results) + sizeof (size_t)));
+ if (malloc_results)
+ {
+ results = malloc (nresults * (sizeof (*results) + sizeof (size_t)));
+ if (results == NULL)
+ {
+ __free_in6ai (in6ai);
+ return EAI_MEMORY;
+ }
+ }
+ else
+ results = alloca (nresults * (sizeof (*results) + sizeof (size_t)));
+ order = (size_t *) (results + nresults);
/* Now we definitely need the interface information. */
if (! check_pf_called)
@@ -2664,6 +2680,9 @@ getaddrinfo (const char *name, const char *service,
/* Fill in the canonical name into the new first entry. */
p->ai_canonname = canonname;
+
+ if (malloc_results)
+ free (results);
}
__free_in6ai (in6ai);
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 6 ++++++
NEWS | 8 +++++++-
sysdeps/posix/getaddrinfo.c | 23 +++++++++++++++++++++--
3 files changed, 34 insertions(+), 3 deletions(-)
hooks/post-receive
--
GNU C Library master sources