diff options
| author | Florian Weimer <fweimer@redhat.com> | 2016-04-27 16:39:12 +0200 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2016-04-27 16:39:12 +0200 |
| commit | 5e0c421cc07e2d06945b863ed3bb92395472705d (patch) | |
| tree | 6f06b7453f7ce8bddf128fed1aba799dad88f5a5 /ChangeLog | |
| parent | b9b026c9c00db1a1b5b4a3caa28162655a04a882 (diff) | |
| download | glibc-5e0c421cc07e2d06945b863ed3bb92395472705d.tar.gz glibc-5e0c421cc07e2d06945b863ed3bb92395472705d.tar.xz glibc-5e0c421cc07e2d06945b863ed3bb92395472705d.zip | |
nss_dns: Check address length before creating addrinfo result [BZ #19831]
Previously, we allocated room in the result space before the check, leaving uninitialized data there in case the check failed. This also consolidates the behavior between single (A or AAAA) and dual (A and AAAA in parallel) queries. Single queries checked the record length against the QTYPE, not the RRTYPE.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog index 77db39e491..f1084eed12 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,13 @@ 2016-04-27 Florian Weimer <fweimer@redhat.com> + [BZ #19831] + * resolv/nss_dns/dns-host.c (rrtype_to_rdata_length): New + function. + (getanswer_r): Check RDATA length against RRTYPE and QTYPE. + (gaih_getanswer_slice): Check RDATA length against RRTYPE. + +2016-04-27 Florian Weimer <fweimer@redhat.com> + [BZ #19862] * resolv/nss_dns/dns-host.c (AskedForGot): Remove. (getanswer_r): Do not call syslog. |