diff options
| author | Florian Weimer <fweimer@redhat.com> | 2016-04-27 14:26:47 +0200 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2016-04-27 14:26:47 +0200 |
| commit | b9bdfa7c8fa22c944bb5f21a673dfd1f91b71c56 (patch) | |
| tree | 51152c5b30660aae007c437bcf1169aff77d150a /ChangeLog | |
| parent | b06549a5e62d66ef16bdc2a2a6ec8e9dae2ea52b (diff) | |
| download | glibc-b9bdfa7c8fa22c944bb5f21a673dfd1f91b71c56.tar.gz glibc-b9bdfa7c8fa22c944bb5f21a673dfd1f91b71c56.tar.xz glibc-b9bdfa7c8fa22c944bb5f21a673dfd1f91b71c56.zip | |
resolv: Always set *resplen2 out parameter in send_vc [BZ #19825]
In various error scenarios (for example, if the server closes the TCP connection before sending the full response), send_vc can return without resetting the *resplen2 value. This can pass uninitialized or unexpected data to the caller.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog index 2a4ad3125a..954c95f9a9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2016-04-27 Florian Weimer <fweimer@redhat.com> + + [BZ #19825] + * resolv/res_send.c (send_vc): Remove early *resplen2 + initialization. Set *resplen2 on socket error. Call + close_and_return_error for other errors. + 2016-04-27 Stefan Liebler <stli@linux.vnet.ibm.com> * sysdeps/unix/sysv/linux/netiucv/iucv.h |