diff options
| author | Florian Weimer <fweimer@redhat.com> | 2016-04-27 16:39:12 +0200 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2016-04-27 16:39:12 +0200 |
| commit | 5e0c421cc07e2d06945b863ed3bb92395472705d (patch) | |
| tree | 6f06b7453f7ce8bddf128fed1aba799dad88f5a5 /ChangeLog | |
| parent | b9b026c9c00db1a1b5b4a3caa28162655a04a882 (diff) | |
| download | glibc-5e0c421cc07e2d06945b863ed3bb92395472705d.zip glibc-5e0c421cc07e2d06945b863ed3bb92395472705d.tar.gz glibc-5e0c421cc07e2d06945b863ed3bb92395472705d.tar.bz2 | |
nss_dns: Check address length before creating addrinfo result [BZ #19831]
Previously, we allocated room in the result space before the check,
leaving uninitialized data there in case the check failed.
This also consolidates the behavior between single (A or AAAA) and
dual (A and AAAA in parallel) queries. Single queries checked
the record length against the QTYPE, not the RRTYPE.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -1,5 +1,13 @@ 2016-04-27 Florian Weimer <fweimer@redhat.com> + [BZ #19831] + * resolv/nss_dns/dns-host.c (rrtype_to_rdata_length): New + function. + (getanswer_r): Check RDATA length against RRTYPE and QTYPE. + (gaih_getanswer_slice): Check RDATA length against RRTYPE. + +2016-04-27 Florian Weimer <fweimer@redhat.com> + [BZ #19862] * resolv/nss_dns/dns-host.c (AskedForGot): Remove. (getanswer_r): Do not call syslog. |