lib/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2025-07-28 00:21:52 +03:00
Code Activity

nss_dns: Skip over non-PTR records in the netent code [BZ #19868]

Browse Source 
This requires additional checks for the RDATA length and the
availability of record metadata.
This commit is contained in:
Florian Weimer
2016-04-27 17:15:57 +02:00
parent c3bae689d3
commit a12f9431b3
2 changed files with 25 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
resolv/nss_dns/dns-network.c
View File

@ -343,10 +343,23 @@ getanswer_r (const querybuf *answer, int anslen, struct netent *result,
if (n < 0 || res_dnok (bp) == 0)
break;
cp += n;
if (end_of_message - cp < 10)
{
__set_h_errno (NO_RECOVERY);
return NSS_STATUS_UNAVAIL;
}
GETSHORT (type, cp);
GETSHORT (class, cp);
cp += INT32SZ; /* TTL */
GETSHORT (n, cp);
uint16_t rdatalen;
GETSHORT (rdatalen, cp);
if (end_of_message - cp < rdatalen)
{
__set_h_errno (NO_RECOVERY);
return NSS_STATUS_UNAVAIL;
}
if (class == C_IN && type == T_PTR)
{
@ -368,7 +381,7 @@ getanswer_r (const querybuf *answer, int anslen, struct netent *result,
cp += n;
return NSS_STATUS_UNAVAIL;
}
cp += n;
cp += rdatalen;
if (alias_pointer + 2 < &net_data->aliases[MAX_NR_ALIASES])
{
*alias_pointer++ = bp;
@ -379,6 +392,9 @@ getanswer_r (const querybuf *answer, int anslen, struct netent *result,
++have_answer;
}
}
else
/* Skip over unknown record data. */
cp += rdatalen;
}
if (have_answer)