diff options
| author | Florian Weimer <fweimer@redhat.com> | 2024-04-25 15:01:07 +0200 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2024-04-25 16:07:52 +0200 |
| commit | e3eef1b8fbdd3a7917af466ca9c4b7477251ca79 (patch) | |
| tree | 7a6f10c02f8c3c8452dd35d4262674b938563267 /libc-abis | |
| parent | f20a8d696b13c6261b52a6434899121f8b19d5a7 (diff) | |
| download | glibc-e3eef1b8fbdd3a7917af466ca9c4b7477251ca79.tar.gz glibc-e3eef1b8fbdd3a7917af466ca9c4b7477251ca79.tar.xz glibc-e3eef1b8fbdd3a7917af466ca9c4b7477251ca79.zip | |
CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678)
The addgetnetgrentX call in addinnetgrX may have failed to produce a result, so the result variable in addinnetgrX can be NULL. Use db->negtimeout as the fallback value if there is no result data; the timeout is also overwritten below. Also avoid sending a second not-found response. (The client disconnects after receiving the first response, so the data stream did not go out of sync even without this fix.) It is still beneficial to add the negative response to the mapping, so that the client can get it from there in the future, instead of going through the socket. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org> (cherry picked from commit b048a482f088e53144d26a61c390bed0210f49f2)
Diffstat (limited to 'libc-abis')
0 files changed, 0 insertions, 0 deletions