Code Review / packages / trusty / cirros-testvm.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
The cirros image was rebuilt against the 3.13.0-83 kernel, drivers e1000e, igbvf...
[packages/trusty/cirros-testvm.git] / cirros-testvm / src-cirros / buildroot-2015.05 / package / glibc / 2.20 / 0002-CVE-2014-9402.patch
diff --git a/cirros-testvm/src-cirros/buildroot-2015.05/package/glibc/2.20/0002-CVE-2014-9402.patch b/cirros-testvm/src-cirros/buildroot-2015.05/package/glibc/2.20/0002-CVE-2014-9402.patch
new file mode 100644 (file)
index 0000000..d6d753e
--- /dev/null
+++ b/cirros-testvm/src-cirros/buildroot-2015.05/package/glibc/2.20/0002-CVE-2014-9402.patch
@@ -0,0 +1,24 @@
+Fix CVE-2014-9402 - denial of service in getnetbyname function.
+Backport from https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=11e3417af6e354f1942c68a271ae51e892b2814d
+See https://bugzilla.redhat.com/show_bug.cgi?id=1175369
+
+Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
+
+diff --git a/resolv/nss_dns/dns-network.c b/resolv/nss_dns/dns-network.c
+index 0a77c8b..08cf0a6 100644
+--- a/resolv/nss_dns/dns-network.c
++++ b/resolv/nss_dns/dns-network.c
+@@ -398,8 +398,8 @@ getanswer_r (const querybuf *answer, int anslen, struct netent *result,
+       case BYNAME:
+         {
+-          char **ap = result->n_aliases++;
+-          while (*ap != NULL)
++          char **ap;
++          for (ap = result->n_aliases; *ap != NULL; ++ap)
+             {
+               /* Check each alias name for being of the forms:
+                  4.3.2.1.in-addr.arpa         = net 1.2.3.4
+-- 
+1.7.1
+