1316972 – glibc: NULL pointer dereference in stub resolver with unconnectable name server addresses

Bug 1316972 - glibc: NULL pointer dereference in stub resolver with unconnectable name server addresses

Summary: glibc: NULL pointer dereference in stub resolver with unconnectable name serv...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	glibc
Sub Component:
Version:	24
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Florian Weimer
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1331711 (view as bug list)
Depends On:
Blocks:	1320596 1320599 1323839
TreeView+	depends on / blocked

Reported:	2016-03-11 15:16 UTC by Florian Weimer
Modified:	2016-06-16 09:16 UTC (History)
CC List:	11 users (show)
Fixed In Version:	glibc-2.22-15.fc23, glibc-2.23.1-7.fc24
Clone Of:
Clones:	1320596 1320599 (view as bug list)
Environment:
Last Closed:	2016-05-15 04:53:53 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Sourceware	19791	0	None	None	None	2016-03-11 15:16:32 UTC
Sourceware	19825	0	None	None	None	2016-03-23 15:22:08 UTC

Description Florian Weimer 2016-03-11 15:16:32 UTC

If /etc/resolv.conf contains addresses which cause the connect system call to fail immediately, queries which trigger search along the search path result in a segmentation fault.

A workaround is to remove the problematic addresses from /etc/resolv.conf.

Comment 1 Florian Weimer 2016-03-23 15:22:08 UTC

swbz#19825 is a very similar bug in send_vc/TCP (the original bug is about send_dg/UDP), so far only observed under valgrind.

swbz#19831 and swbz#19830 should be backported as well, to get cleaner test suite runs.

Comment 2 Florian Weimer 2016-04-29 12:05:21 UTC

*** Bug 1331711 has been marked as a duplicate of this bug. ***

Comment 3 Fedora Update System 2016-05-07 17:18:39 UTC

glibc-2.22-15.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-68abc0be35

Comment 4 Fedora Update System 2016-05-08 16:24:58 UTC

glibc-2.22-15.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-68abc0be35

Comment 5 Florian Weimer 2016-05-09 09:41:01 UTC

Pre-existing 2.23 backport:

commit 3a188eb4e641d2df0cfd352fd09232347f28fbe1
Author: Florian Weimer <fweimer>
Date:   Fri Mar 25 11:49:51 2016 +0100

    resolv: Always set *resplen2 out parameter in send_dg [BZ #19791]

New backport:

commit 075b2665b159491fdd17f5aee90d47fa7388ed6f
Author: Florian Weimer <fweimer>
Date:   Wed Apr 27 14:26:47 2016 +0200

    resolv: Always set *resplen2 out parameter in send_vc [BZ #19825]
    
    In various error scenarios (for example, if the server closes the
    TCP connection before sending the full response), send_vc can return
    without resetting the *resplen2 value.  This can pass uninitialized
    or unexpected data to the caller.
    
    (cherry picked from commit b9bdfa7c8fa22c944bb5f21a673dfd1f91b71c56)

Comment 6 Fedora Update System 2016-05-09 14:56:33 UTC

glibc-2.23.1-6.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-b321728d74

Comment 7 Fedora Update System 2016-05-10 17:57:06 UTC

glibc-2.22-15.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Comment 8 Fedora Update System 2016-05-10 20:30:01 UTC

glibc-2.23.1-6.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-b321728d74

Comment 9 Fedora Update System 2016-05-11 13:54:53 UTC

glibc-2.23.1-7.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-b321728d74

Comment 10 Fedora Update System 2016-05-12 09:43:57 UTC

glibc-2.23.1-7.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-b321728d74

Comment 11 Fedora Update System 2016-05-14 23:29:53 UTC

glibc-2.23.1-7.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.