Hello community, here is the log from the commit of package glibc for openSUSE:Factory checked in at 2013-10-31 16:02:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/glibc (Old) and /work/SRC/openSUSE:Factory/.glibc.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "glibc" Changes: -------- --- /work/SRC/openSUSE:Factory/glibc/glibc-testsuite.changes 2013-10-22 10:17:18.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.glibc.new/glibc-testsuite.changes 2013-10-31 16:02:59.000000000 +0100 @@ -1,0 +2,6 @@ +Wed Oct 30 14:05:30 UTC 2013 - schwab@suse.de + +- getaddrinfo-overflow.patch: Fix stack overflow due to large AF_INET6 + requests (CVE-2013-4458, bnc#847227) + +------------------------------------------------------------------- glibc-utils.changes: same change glibc.changes: same change New: ---- getaddrinfo-overflow.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ glibc-testsuite.spec ++++++ --- /var/tmp/diff_new_pack.8LGwKN/_old 2013-10-31 16:03:01.000000000 +0100 +++ /var/tmp/diff_new_pack.8LGwKN/_new 2013-10-31 16:03:01.000000000 +0100 @@ -250,6 +250,8 @@ Patch1001: malloc-overflows.patch # PATCH-FIX-UPSTREAM m68k: Use PIC for Scrt1.o Patch1002: m68k-Scrt1.patch +# PATCH-FIX-UPSTREAM Fix stack overflow due to large AF_INET6 requests (CVE-2013-4458) +Patch1003: getaddrinfo-overflow.patch ### # Patches awaiting upstream approval @@ -478,6 +480,7 @@ %patch1000 -p1 %patch1001 -p1 %patch1002 -p1 +%patch1003 -p1 # XXX Disable, it breaks the testsuite, test elf/tst-audit2 # %patch2008 -p1 glibc-utils.spec: same change glibc.spec: same change ++++++ getaddrinfo-overflow.patch ++++++ 2013-10-25 Siddhesh Poyarekar <siddhesh@redhat.com> [BZ #16072] * sysdeps/posix/getaddrinfo.c (gethosts): Allocate tmpbuf on heap for large requests. Index: glibc-2.18/sysdeps/posix/getaddrinfo.c =================================================================== --- glibc-2.18.orig/sysdeps/posix/getaddrinfo.c +++ glibc-2.18/sysdeps/posix/getaddrinfo.c @@ -197,7 +197,22 @@ gaih_inet_serv (const char *servicename, &rc, &herrno, NULL, &localcanon)); \ if (rc != ERANGE || herrno != NETDB_INTERNAL) \ break; \ - tmpbuf = extend_alloca (tmpbuf, tmpbuflen, 2 * tmpbuflen); \ + if (!malloc_tmpbuf && __libc_use_alloca (alloca_used + 2 * tmpbuflen)) \ + tmpbuf = extend_alloca_account (tmpbuf, tmpbuflen, 2 * tmpbuflen, \ + alloca_used); \ + else \ + { \ + char *newp = realloc (malloc_tmpbuf ? tmpbuf : NULL, \ + 2 * tmpbuflen); \ + if (newp == NULL) \ + { \ + result = -EAI_MEMORY; \ + goto free_and_return; \ + } \ + tmpbuf = newp; \ + malloc_tmpbuf = true; \ + tmpbuflen = 2 * tmpbuflen; \ + } \ } \ if (status == NSS_STATUS_SUCCESS && rc == 0) \ h = &th; \ @@ -209,7 +224,8 @@ gaih_inet_serv (const char *servicename, { \ __set_h_errno (herrno); \ _res.options |= old_res_options & RES_USE_INET6; \ - return -EAI_SYSTEM; \ + result = -EAI_SYSTEM; \ + goto free_and_return; \ } \ if (herrno == TRY_AGAIN) \ no_data = EAI_AGAIN; \ -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org