author | Stan Shebs <stanshebs@google.com> | 2016-12-28 13:51:37 -0800 |
---|---|---|
committer | Stan Shebs <stanshebs@google.com> | 2016-12-28 13:51:37 -0800 |
commit | 85ea40f66d959240ed03f62f64f74c17e27e409a (patch) | |
tree | be167a8f30e2c2cc2924670c4c777a0a692a0b80 | |
parent | b6099fb5b289b63204333465cfd704f45a824033 (diff) | |
Don't ignore too long lines in nss_files (BZ17079, CVE-2015-5277) Tested:
-rw-r--r-- | README.google | 5 | ||||
-rw-r--r-- | nss/nss_files/files-XXX.c | 4 |
2 files changed, 8 insertions, 1 deletions
diff --git a/README.google b/README.google index 7b548cd60c..6677ba18da 100644 --- a/README.google +++ b/README.google @@ -615,3 +615,8 @@ elf/elf.h nss/nss_borg/borg-pwd.c Add /etc/passwd.borg.base as fallback passwd file. (b/30413914, b/32608777) (mrothwell/stanshebs, google-local) + +nss/nss_files/files-XXX.c + For b/26276654, don't ignore too long lines in nss_files (BZ17079, CVE-2015-5277) + https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=3fd498242948b1fa944c56646ec9b156387dd310 + (stanshebs, backport) diff --git a/nss/nss_files/files-XXX.c b/nss/nss_files/files-XXX.c index 733ae69c3a..3b90f7e6b4 100644 --- a/nss/nss_files/files-XXX.c +++ b/nss/nss_files/files-XXX.c @@ -198,10 +198,12 @@ get_contents (char *linebuf, size_t len, FILE *stream) { int curlen = ((remaining_len > (size_t) INT_MAX) ? INT_MAX : remaining_len); - char *p = fgets_unlocked (curbuf, curlen, stream); + /* Terminate the line so that we can test for overflow. */ ((unsigned char *) curbuf)[curlen - 1] = 0xff; + char *p = fgets_unlocked (curbuf, curlen, stream); + /* EOF or read error. */ if (p == NULL) return gcr_error; |
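Review bot: The new comment in get_contents, `/* Terminate the line so that we can test for overflow. */`, does not say that the 0xff store has to come before the `fgets_unlocked` call, yet that ordering is the whole fix for BZ17079 / CVE-2015-5277. With the old order the marker was written over whatever fgets had just stored in the last byte, so a later test of that byte could not tell a full buffer from a short read. I would reword it along the lines of `/* Plant a 0xff sentinel in the last byte before reading; fgets_unlocked replaces it with NUL only when the input fills the buffer. */` so that a later cleanup does not move the declaration of `p` back above the store. The write to `curbuf[curlen - 1]` also relies on `curlen` being at least 1 (presumably at least 2 for the sentinel to be meaningful); the loop condition and the caller's length check lie outside this hunk, so that bound should be confirmed there.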