pkgs/development/libraries/glibc/cve-2015-1781.patch at v206

pyrox.dev / nixpkgs

fork

lol

fork

nixpkgs / pkgs / development / libraries / glibc / cve-2015-1781.patch

at v206 27 lines 1.0 kB view raw

wrap content

Vladimír Čunát glibc: apply four security fixes from upstream 10y ago

1fbbeff0

 1From 2959eda9272a033863c271aff62095abd01bd4e3 Mon Sep 17 00:00:00 2001
 2From: Arjun Shankar <arjun.is@lostca.se>
 3Date: Tue, 21 Apr 2015 14:06:31 +0200
 4Subject: [PATCH] CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflow
 5 [BZ#18287]
 6
 7---
 8 ChangeLog                 | 6 ++++++
 9 NEWS                      | 9 ++++++++-
10 resolv/nss_dns/dns-host.c | 3 ++-
11 3 files changed, 16 insertions(+), 2 deletions(-)
12
13diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
14index b16b0dd..d8c5579 100644
15--- a/resolv/nss_dns/dns-host.c
16+++ b/resolv/nss_dns/dns-host.c
17@@ -615,7 +615,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
18   int have_to_map = 0;
19   uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data);
20   buffer += pad;
21-  if (__glibc_unlikely (buflen < sizeof (struct host_data) + pad))
22+  buflen = buflen > pad ? buflen - pad : 0;
23+  if (__glibc_unlikely (buflen < sizeof (struct host_data)))
24     {
25       /* The buffer is too small.  */
26     too_small:
27

Configure Feed

Configure Feed