CVE-2016-3075: Stack overflow in _nss_dns_getnetbyname_r [BZ #19879]release/2.20/master

The defensive copy is not needed because the name may not alias the output buffer. (cherry picked from commit 317b199b4aff8cfa27f2302ab404d2bb5032b9a4) (cherry picked from commit f5b3338d70a7a2c626331ac4589b6deb2f610432)
author: Florian Weimer <fweimer@redhat.com> 2016-03-29 12:57:56 +0200
committer: Gabriel F. T. Gomes <gftg@linux.vnet.ibm.com> 2016-05-24 18:08:55 -0300
commit: 916ef0f69613613e11123657bff127bd26104630 (patch)
tree: 336643fe692894733c978233530139c7d3fcf362 /NEWS
parent: afc4daae0411d10e5d64646d5bafb05075e16151 (diff)
download: glibc-916ef0f69613613e11123657bff127bd26104630.zip
glibc-916ef0f69613613e11123657bff127bd26104630.tar.gz
glibc-916ef0f69613613e11123657bff127bd26104630.tar.bz2
1 files changed, 4 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index e6a5207..dc8679f 100644
--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,10 @@ Version 2.20.1
   called with the GLOB_ALTDIRFUNC flag and encountered a long file name.
   Reported by Alexander Cherepanov.  (CVE-2016-1234)
 
+* An unnecessary stack copy in _nss_dns_getnetbyname_r was removed.  It
+  could result in a stack overflow when getnetbyname was called with an
+  overly long name.  (CVE-2016-3075)
+
 * Previously, getaddrinfo copied large amounts of address data to the stack,
   even after the fix for CVE-2013-4458 has been applied, potentially
   resulting in a stack overflow.  getaddrinfo now uses a heap allocation
author	Florian Weimer <fweimer@redhat.com>	2016-03-29 12:57:56 +0200
committer	Gabriel F. T. Gomes <gftg@linux.vnet.ibm.com>	2016-05-24 18:08:55 -0300
commit	916ef0f69613613e11123657bff127bd26104630 (patch)
tree	336643fe692894733c978233530139c7d3fcf362 /NEWS
parent	afc4daae0411d10e5d64646d5bafb05075e16151 (diff)
download	glibc-916ef0f69613613e11123657bff127bd26104630.zip glibc-916ef0f69613613e11123657bff127bd26104630.tar.gz glibc-916ef0f69613613e11123657bff127bd26104630.tar.bz2