projects
/
platform
/
upstream
/
linaro-glibc.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
abddae1
)
CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflow [BZ#18287]
author
Arjun Shankar
<arjun.is@lostca.se>
Tue, 21 Apr 2015 12:06:31 +0000
(14:06 +0200)
committer
Dongkyun, Son
<dongkyun.s@samsung.com>
Sun, 22 May 2016 13:28:56 +0000
(22:28 +0900)
Change-Id: I4104608d09d17826cd863877e1f0cdaffaecfe7f
Signed-off-by: Hyung-Kyu (HQ) Choi <hk0110.choi@samsung.com>
resolv/nss_dns/dns-host.c
patch
|
blob
|
history
diff --git
a/resolv/nss_dns/dns-host.c
b/resolv/nss_dns/dns-host.c
index
755832e
..
1a04900
100644
(file)
--- a/
resolv/nss_dns/dns-host.c
+++ b/
resolv/nss_dns/dns-host.c
@@
-615,7
+615,8
@@
getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
int have_to_map = 0;
uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data);
buffer += pad;
- if (__glibc_unlikely (buflen < sizeof (struct host_data) + pad))
+ buflen = buflen > pad ? buflen - pad : 0;
+ if (__glibc_unlikely (buflen < sizeof (struct host_data)))
{
/* The buffer is too small. */
too_small: