Author: aurel32
Date: 2014-05-22 20:45:21 +0000 (Thu, 22 May 2014)
New Revision: 6103

Modified:
   glibc-package/branches/glibc-branch-wheezy/debian/changelog
   
glibc-package/branches/glibc-branch-wheezy/debian/patches/any/cvs-CVE-2013-4458.diff
Log:
debian/patches/any/cvs-CVE-2013-4458.diff: backport a new part from
upstream to fix a regression introduced in 2.13-38+deb7u1 in IPv6 name
resolution.  Closes: #738652.

Modified: glibc-package/branches/glibc-branch-wheezy/debian/changelog
===================================================================
--- glibc-package/branches/glibc-branch-wheezy/debian/changelog 2014-05-22 
10:55:57 UTC (rev 6102)
+++ glibc-package/branches/glibc-branch-wheezy/debian/changelog 2014-05-22 
20:45:21 UTC (rev 6103)
@@ -21,6 +21,9 @@
     symlink removal to all biarch packages.
   * patches/any/submitted-nl_langinfo-static.diff: new patch from upstream
     to fix nl_langinfo() when used in static binaries.  Closes: #747103.
+  * debian/patches/any/cvs-CVE-2013-4458.diff: backport a new part from
+    upstream to fix a regression introduced in 2.13-38+deb7u1 in IPv6 name
+    resolution.  Closes: #738652.
 
  -- Aurelien Jarno <[email protected]>  Mon, 05 May 2014 14:21:03 +0200
 

Modified: 
glibc-package/branches/glibc-branch-wheezy/debian/patches/any/cvs-CVE-2013-4458.diff
===================================================================
--- 
glibc-package/branches/glibc-branch-wheezy/debian/patches/any/cvs-CVE-2013-4458.diff
        2014-05-22 10:55:57 UTC (rev 6102)
+++ 
glibc-package/branches/glibc-branch-wheezy/debian/patches/any/cvs-CVE-2013-4458.diff
        2014-05-22 20:45:21 UTC (rev 6103)
@@ -4,6 +4,12 @@
        * sysdeps/posix/getaddrinfo.c (gethosts): Allocate tmpbuf on
        heap for large requests.
 
+2012-08-22  Jeff Law <[email protected]>
+
+       [BZ #14505]
+       * sysdeps/posix/getaddrinfo.c (gaih_inet): Only use gethostbyname4_r
+       if the family is PF_UNSPEC.
+
 2011-06-10  Andreas Schwab  <[email protected]>
 
        * sysdeps/posix/getaddrinfo.c (gaih_inet): Fix logic allocating
@@ -378,12 +384,12 @@
                    {
                      __set_h_errno (herrno);
 -                    return -EAI_SYSTEM;
--                  }
++                    result = -EAI_SYSTEM;
+                   }
 -                if (herrno == TRY_AGAIN)
 -                  {
 -                    return -EAI_AGAIN;
-+                    result = -EAI_SYSTEM;
-                   }
+-                  }
 -                /* We made requests but they turned out no data.
 -                   The name is known, though.  */
 -                return GAIH_OKIFUNSPEC | -EAI_NODATA;
@@ -491,7 +497,7 @@
                }
            }
  #endif
-@@ -699,7 +835,19 @@
+@@ -699,13 +835,30 @@
          _res.options &= ~RES_USE_INET6;
  
          size_t tmpbuflen = 1024;
@@ -512,7 +518,20 @@
  
          while (!no_more)
            {
-@@ -728,8 +876,25 @@
+             no_data = 0;
+-            nss_gethostbyname4_r fct4
+-              = __nss_lookup_function (nip, "gethostbyname4_r");
++            nss_gethostbyname4_r fct4 = NULL;
++
++            /* gethostbyname4_r sends out parallel A and AAAA queries and
++               is thus only suitable for PF_UNSPEC.  */
++            if (req->ai_family == PF_UNSPEC)
++              fct4 = __nss_lookup_function (nip, "gethostbyname4_r");
++
+             if (fct4 != NULL)
+               {
+                 int herrno;
+@@ -728,8 +881,25 @@
                            no_data = herrno == NO_DATA;
                          break;
                        }
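Review bot: With `fct4` now initialised to NULL and only looked up when `req->ai_family == PF_UNSPEC`, every AF_INET or AF_INET6 request skips the `if (fct4 != NULL)` branch and relies entirely on the fallback lookup, which this hunk does not show (gaih_inet starts and ends outside it). That fallback is presumably the gethosts path whose tmpbuf allocation the rest of this CVE-2013-4458 patch changes, so the security fix and this regression fix now meet on the same code path; a regression check that resolves a name with a large address set under both AF_INET6 and AF_INET would confirm they hold together. I would also extend the new comment to say so, e.g. `Single-family requests leave fct4 NULL and use the per-family lookup below.` The condition spells the constant `PF_UNSPEC` while later context in the same file tests `req->ai_family == AF_UNSPEC`; keeping the upstream spelling is reasonable for a backport, but the mixed usage is worth a mention.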
@@ -540,7 +559,7 @@
                    }
  
                  if (status == NSS_STATUS_SUCCESS)
-@@ -832,18 +997,40 @@
+@@ -832,18 +1002,40 @@
                              if (cfct != NULL)
                                {
                                  const size_t max_fqdn_len = 256;
@@ -586,7 +605,7 @@
                                }
                            }
                          status = NSS_STATUS_SUCCESS;
-@@ -878,22 +1065,27 @@
+@@ -878,22 +1070,27 @@
            {
              /* If both requests timed out report this.  */
              if (no_data == EAI_AGAIN && no_inet6_data == EAI_AGAIN)
@@ -620,7 +639,7 @@
        memset (at, '\0', sizeof (struct gaih_addrtuple));
  
        if (req->ai_family == AF_UNSPEC)
-@@ -932,30 +1124,56 @@
+@@ -932,30 +1129,56 @@
        /* Only the first entry gets the canonical name.  */
        if (at2 == at && (req->ai_flags & AI_CANONNAME) != 0)
          {
@@ -683,7 +702,7 @@
                  }
  
                if (h != NULL)
-@@ -982,11 +1200,16 @@
+@@ -982,11 +1205,16 @@
                int rc = __idna_to_unicode_lzlz (canon, &out, idn_flags);
                if (rc != IDNA_SUCCESS)
                  {
@@ -704,7 +723,7 @@
                  }
                /* In case the output string is the same as the input
                   string no new string has been allocated and we
-@@ -1001,10 +1224,25 @@
+@@ -1001,10 +1229,25 @@
  #ifdef HAVE_LIBIDN
              make_copy:
  #endif
@@ -733,7 +752,7 @@
          }
  
        family = at2->family;
-@@ -1030,7 +1268,8 @@
+@@ -1030,7 +1273,8 @@
            if (ai == NULL)
              {
                free ((char *) canon);
@@ -743,7 +762,7 @@
              }
  
            ai->ai_flags = req->ai_flags;
-@@ -1083,7 +1322,18 @@
+@@ -1083,7 +1327,18 @@
        at2 = at2->next;
        }
    }

