diff options
| author | Jakub Jelinek <jakub@redhat.com> | 2009-05-15 21:17:08 -0700 |
|---|---|---|
| committer | Petr Baudis <pasky@suse.cz> | 2009-05-22 04:54:50 +0200 |
| commit | b9e0df9847f3460c67e27e631af8662e7906ed6b (patch) | |
| tree | 2b7f681156ce2671b60a1afb60bdbcb11bd43440 /nscd/nscd_getai.c | |
| parent | f27dc66bb946b74df6817768758b1de49d4be887 (diff) | |
| download | glibc-b9e0df9847f3460c67e27e631af8662e7906ed6b.tar.gz glibc-b9e0df9847f3460c67e27e631af8662e7906ed6b.tar.xz glibc-b9e0df9847f3460c67e27e631af8662e7906ed6b.zip | |
Robustify libc-side nscd database reader.
The nscd database mapped in processes can change at any time. We have to be more vigilant when it comes to using that memory. Test the data entries are valid in their entire size, don't read data again from memory once we verified it, and make sure the trailing pointer is not going off the deep end. (cherry picked from commit cfe1fc1013d0e7e4863c974fa0e78891cc0a2ed2)
Diffstat (limited to 'nscd/nscd_getai.c')
| -rw-r--r-- | nscd/nscd_getai.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/nscd/nscd_getai.c b/nscd/nscd_getai.c index 674a5e7514..d1c5cd14e9 100644 --- a/nscd/nscd_getai.c +++ b/nscd/nscd_getai.c @@ -1,4 +1,5 @@ -/* Copyright (C) 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. +/* Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009 + Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@redhat.com>, 2004. @@ -75,7 +76,7 @@ __nscd_getai (const char *key, struct nscd_ai_result **result, int *h_errnop) if (mapped != NO_MAPPING) { struct datahead *found = __nscd_cache_search (GETAI, key, keylen, - mapped); + mapped, sizeof ai_resp); if (found != NULL) { respdata = (char *) (&found->data[0].aidata + 1); |