src/patches/glibc/glibc-rh1074342.patch

   1 commit c44496df2f090a56d3bf75df930592dac6bba46f
   2 Author: Siddhesh Poyarekar <siddhesh@redhat.com>
   3 Date:   Wed Mar 12 17:27:22 2014 +0530
   4
   5     Provide correct buffer length to netgroup queries in nscd (BZ #16695)
   6
   7     The buffer to query netgroup entries is allocated sufficient space for
   8     the netgroup entries and the key to be appended at the end, but it
   9     sends in an incorrect available length to the NSS netgroup query
  10     functions, resulting in overflow of the buffer in some special cases.
  11     The fix here is to factor in the key length when sending the available
  12     buffer and buffer length to the query functions.
  13
  14 diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
  15 index 426d3c5..5ba1e1f 100644
  16 --- a/nscd/netgroupcache.c
  17 +++ b/nscd/netgroupcache.c
  18 @@ -202,7 +202,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req,
  19                   {
  20                     int e;
  21                     status = getfct.f (&data, buffer + buffilled,
  22 -                                      buflen - buffilled, &e);
  23 +                                      buflen - buffilled - req->key_len, &e);
  24                     if (status == NSS_STATUS_RETURN
  25                         || status == NSS_STATUS_NOTFOUND)
  26                       /* This was either the last one for this group or the