[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNSResolver Libraries



In article <87y9cv2sie.fsf@labatt.uhoreg.ca>
hubert@uhoreg.ca writes:

>> Jeff> libc6 is indeed a big package and the Pine announcement seems
>> Jeff> rather general, if we are lucky, Debians libresolv.so wont need an
>> Jeff> update.
>> 
>> The Pine announcement only mentions the libc from BSD-based systems,
>> which is different from Linux's glibc, I believe.

No, it's problem on all resolver libraries originated from BIND, not
except glibc.

I got an information from a web bbs. It says that some parts of the
FreeBSD's patch 
<ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:28/resolv.patch>
was already applied
<http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/resolv/nss_dns/dns-host.c.diff?r1=1.15&r2=1.16&cvsroot=glibc&f=h>
, but not a part.

I attached the lack part of the patch with the mail. It is for
glibc-2.2.5, but it also need to apply potato's glibc.
-- 
NOKUBI Takatsugu
E-mail: knok@daionet.gr.jp
	knok@namazu.org / knok@debian.org

--- glibc-2.2.5/resolv/nss_dns/dns-network.c.org        2001-07-06 13:55:39.000000000 +0900
+++ glibc-2.2.5/resolv/nss_dns/dns-network.c    2002-06-28 21:42:26.000000000 +0900
@@ -328,7 +328,9 @@
            }
          cp += n;
          *alias_pointer++ = bp;
-         bp += strlen (bp) + 1;
+         n = strlen(bp) + 1;
+         bp += n;
+         linebuflen -= n;
          result->n_addrtype = class == C_IN ? AF_INET : AF_UNSPEC;
          ++have_answer;
        }


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org



Reply to: