mirror of
git://sourceware.org/git/glibc.git
synced 2024-11-21 01:12:26 +08:00
CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]
This commit is contained in:
parent
979cfed05d
commit
d527c860f5
@ -1,3 +1,10 @@
|
||||
2018-11-27 Florian Weimer <fweimer@redhat.com>
|
||||
|
||||
[BZ #23927]
|
||||
CVE-2018-19591
|
||||
* sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex): Avoid
|
||||
descriptor leak in case of ENODEV error.
|
||||
|
||||
2018-11-27 Rafael Ávila de Espíndola <rafael@espindo.la>
|
||||
|
||||
[BZ #19767]
|
||||
|
4
NEWS
4
NEWS
@ -57,7 +57,9 @@ Changes to build and runtime requirements:
|
||||
|
||||
Security related changes:
|
||||
|
||||
[Add security related changes here]
|
||||
CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a
|
||||
denial of service due to resource exhaustion when processing getaddrinfo
|
||||
calls with crafted host names. Reported by Guido Vranken.
|
||||
|
||||
The following bugs are resolved with this release:
|
||||
|
||||
|
@ -38,11 +38,6 @@ __if_nametoindex (const char *ifname)
|
||||
return 0;
|
||||
#else
|
||||
struct ifreq ifr;
|
||||
int fd = __opensock ();
|
||||
|
||||
if (fd < 0)
|
||||
return 0;
|
||||
|
||||
if (strlen (ifname) >= IFNAMSIZ)
|
||||
{
|
||||
__set_errno (ENODEV);
|
||||
@ -50,6 +45,12 @@ __if_nametoindex (const char *ifname)
|
||||
}
|
||||
|
||||
strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
|
||||
|
||||
int fd = __opensock ();
|
||||
|
||||
if (fd < 0)
|
||||
return 0;
|
||||
|
||||
if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
|
||||
{
|
||||
int saved_errno = errno;
|
||||
|
Loading…
Reference in New Issue
Block a user