rpms/glibc
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Resolves: #1321861

Browse Source 
nss_db: Fix handling of long entries
This commit is contained in:
Florian Weimer 2016-05-06 17:16:09 +02:00
parent 79cd021451
commit 84517e1bc0
2 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
glibc-rh1321861.patch Normal file
View File

@ -0,0 +1,36 @@
commit a6033052d08027f745867e5e346852da1959226c
Author: Florian Weimer <fweimer@redhat.com>
Date: Tue Mar 29 11:27:32 2016 +0200
nss_db: Propagate ERANGE error if parse_line fails [BZ #19837]
Reproducer (needs to run as root):
perl -e \
'print "large:x:999:" . join(",", map {"user$_"} (1 .. 135))."\n"' \
>> /etc/group
cd /var/db
make
getent -s db group
After the fix, the last command should list the "large" group.
The magic number 135 has been chosen so that the line is shorter than
1024 bytes, but the pointers required to encode the member array will
cross the threshold, triggering the bug.
diff --git a/nss/nss_db/db-XXX.c b/nss/nss_db/db-XXX.c
index 03c18d7..125a5e9 100644
--- a/nss/nss_db/db-XXX.c
+++ b/nss/nss_db/db-XXX.c
@@ -288,8 +288,8 @@ CONCAT(_nss_db_get,ENTNAME_r) (struct STRUCTURE *result, char *buffer,
}
if (err < 0)
{
- H_ERRNO_SET (HOST_NOT_FOUND);
- status = NSS_STATUS_NOTFOUND;
+ H_ERRNO_SET (NETDB_INTERNAL);
+ status = NSS_STATUS_TRYAGAIN;
break;
}

3
glibc.spec
View File

@ -234,6 +234,7 @@ Patch1011: glibc-rh1332914-5.patch
Patch1012: glibc-rh1313404-1.patch
Patch1013: glibc-rh1313404-2.patch
Patch1014: glibc-rh1313404-3.patch
Patch1015: glibc-rh1321861.patch
##############################################################################
#
@ -667,6 +668,7 @@ microbenchmark tests on the system.
%patch1012 -p1
%patch1013 -p1
%patch1014 -p1
%patch1015 -p1
%patch0059 -p1
##############################################################################
@ -1892,6 +1894,7 @@ rm -f *.filelist*
- CVE-2016-3075: Stack overflow in _nss_dns_getnetbyname_r (#1321954)
- April 2016 nss_dns hardening (#1332914)
- Fix elf/tst-audit10 and elf/tst-audit4 failures (#1313404)
- nss_db: Fix handling of long entries (#1321861)
* Wed Mar 02 2016 Mike FABIAN <mfabian@redhat.com> - 2.22-11
- Add the C.UTF-8 locale