From a27cc8f8eddc7bb4c880af75fc8d7fabcda6f894 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: May 25 2017 13:29:45 +0000 Subject: import glibc-2.17-157.el7_3.2 --- diff --git a/SOURCES/glibc-rh1436312.patch b/SOURCES/glibc-rh1436312.patch new file mode 100644 index 0000000..7b46350 --- /dev/null +++ b/SOURCES/glibc-rh1436312.patch @@ -0,0 +1,54 @@ +Upstream commits: + +commit a071766ebfd853179ac39f9773f894029bf86d36 +Author: Andreas Schwab +Date: Thu Mar 20 15:05:25 2014 +0100 + + Fix use of half-initialized result in getaddrinfo when using nscd (bug 16743) + + This fixes a bug in the way the results from __nscd_getai are collected: + for every returned result a new entry is first added to the + gaih_addrtuple list, but if that result doesn't match the request this + entry remains uninitialized. So for this non-matching result an extra + result with uninitialized content is returned. + + To reproduce (with nscd running): + + $ getent ahostsv4 localhost + 127.0.0.1 STREAM localhost + 127.0.0.1 DGRAM + 127.0.0.1 RAW + (null) STREAM + (null) DGRAM + (null) RAW + +commit 8dc9751764eb1bedf06d19695524b31a16773413 +Author: Andreas Schwab +Date: Wed May 7 11:47:20 2014 +0200 + + Fix parsing of getai result from nscd for IPv6-only request + + +Index: b/sysdeps/posix/getaddrinfo.c +=================================================================== +--- a/sysdeps/posix/getaddrinfo.c ++++ b/sysdeps/posix/getaddrinfo.c +@@ -725,6 +725,18 @@ gaih_inet (const char *name, const struc + { + socklen_t size = (air->family[i] == AF_INET + ? INADDRSZ : IN6ADDRSZ); ++ ++ if (!((air->family[i] == AF_INET ++ && req->ai_family == AF_INET6 ++ && (req->ai_flags & AI_V4MAPPED) != 0) ++ || req->ai_family == AF_UNSPEC ++ || air->family[i] == req->ai_family)) ++ { ++ /* Skip over non-matching result. */ ++ addrs += size; ++ continue; ++ } ++ + if (*pat == NULL) + { + *pat = addrfree++; diff --git a/SPECS/glibc.spec b/SPECS/glibc.spec index eb8e8d5..51d4a3a 100644 --- a/SPECS/glibc.spec +++ b/SPECS/glibc.spec @@ -1,6 +1,6 @@ %define glibcsrcdir glibc-2.17-c758a686 %define glibcversion 2.17 -%define glibcrelease 157%{?dist}.1 +%define glibcrelease 157%{?dist}.2 ############################################################################## # We support the following options: # --with/--without, @@ -1005,6 +1005,10 @@ Patch2075: glibc-rh1318890.patch Patch2076: glibc-rh1213603.patch Patch2077: glibc-rh1370630.patch +# getaddrinfo with nscd fixes +Patch2078: glibc-rh1436312.patch + + ############################################################################## # End of glibc patches. ############################################################################## @@ -1617,6 +1621,7 @@ package or when debugging this package. %patch2075 -p1 %patch2076 -p1 %patch2077 -p1 +%patch2078 -p1 # Rebase of microbenchmarks. %patch1607 -p1 %patch1609 -p1 @@ -2951,6 +2956,9 @@ rm -f *.filelist* %endif %changelog +* Tue Mar 28 2017 DJ Delorie - 2.17-157.2 +- Fix use of uninitialized data in getaddrinfo with nscd (#1436312) + * Thu Oct 27 2016 Carlos O'Donell - 2.17-157.1 - Do not set initgroups in default nsswitch.conf (#1388638) - nss_db: Request larger buffers for long group entries (#1388637)