about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--README.google5
-rw-r--r--nss/nss_files/files-XXX.c4
2 files changed, 8 insertions, 1 deletions
diff --git a/README.google b/README.google
index 7b548cd60c..6677ba18da 100644
--- a/README.google
+++ b/README.google
@@ -615,3 +615,8 @@ elf/elf.h
 nss/nss_borg/borg-pwd.c
   Add /etc/passwd.borg.base as fallback passwd file. (b/30413914, b/32608777)
   (mrothwell/stanshebs, google-local)
+
+nss/nss_files/files-XXX.c
+  For b/26276654, don't ignore too long lines in nss_files (BZ17079, CVE-2015-5277)
+  https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=3fd498242948b1fa944c56646ec9b156387dd310
+  (stanshebs, backport)
diff --git a/nss/nss_files/files-XXX.c b/nss/nss_files/files-XXX.c
index 733ae69c3a..3b90f7e6b4 100644
--- a/nss/nss_files/files-XXX.c
+++ b/nss/nss_files/files-XXX.c
@@ -198,10 +198,12 @@ get_contents (char *linebuf, size_t len, FILE *stream)
     {
       int curlen = ((remaining_len > (size_t) INT_MAX) ? INT_MAX
 		    : remaining_len);
-      char *p = fgets_unlocked (curbuf, curlen, stream);
 
+      /* Terminate the line so that we can test for overflow.  */
       ((unsigned char *) curbuf)[curlen - 1] = 0xff;
 
+      char *p = fgets_unlocked (curbuf, curlen, stream);
+
       /* EOF or read error.  */
       if (p == NULL)
         return gcr_error;