Don't ignore too long lines in nss_files (BZ17079, CVE-2015-5277) Tested:

diff --git a/README.google b/README.google
index 7b548cd60cc788353d92719e6d50b64e1ee4c9a3..6677ba18da1515fbd972432c1a34e707c0c8f9df 100644 (file)
--- a/README.google
+++ b/README.google
@@ -615,3 +615,8 @@ elf/elf.h
 nss/nss_borg/borg-pwd.c
   Add /etc/passwd.borg.base as fallback passwd file. (b/30413914, b/32608777)
   (mrothwell/stanshebs, google-local)
+
+nss/nss_files/files-XXX.c
+  For b/26276654, don't ignore too long lines in nss_files (BZ17079, CVE-2015-5277)
+  https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=3fd498242948b1fa944c56646ec9b156387dd310
+  (stanshebs, backport)

diff --git a/nss/nss_files/files-XXX.c b/nss/nss_files/files-XXX.c
index 733ae69c3a22c623a5ebece6e354291fd2b2825d..3b90f7e6b4a2961b03cbe570481813fad185d787 100644 (file)
--- a/nss/nss_files/files-XXX.c
+++ b/nss/nss_files/files-XXX.c
@@ -198,10 +198,12 @@ get_contents (char *linebuf, size_t len, FILE *stream)
     {
       int curlen = ((remaining_len > (size_t) INT_MAX) ? INT_MAX
                    : remaining_len);
-      char *p = fgets_unlocked (curbuf, curlen, stream);
 
+      /* Terminate the line so that we can test for overflow.  */
       ((unsigned char *) curbuf)[curlen - 1] = 0xff;
 
+      char *p = fgets_unlocked (curbuf, curlen, stream);
+
       /* EOF or read error.  */
       if (p == NULL)
         return gcr_error;