Bug 1333901 - glibc: getnameinfo: fix memory leak and incorrect truncation checks
Summary: glibc: getnameinfo: fix memory leak and incorrect truncation checks
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: glibc
Version: 24
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Florian Weimer
QA Contact: Fedora Extras Quality Assurance
Reported: 2016-05-06 15:26 UTC by Florian Weimer
Modified: 2016-05-15 04:52 UTC (History)

Fixed In Version: glibc-2.22-15.fc23, glibc-2.23.1-7.fc24
Doc Type: Bug Fix
Last Closed: 2016-05-15 04:52:45 UTC


Links
System ID Priority Status Summary Last Updated
Sourceware 19642 None None None 2016-05-06 15:26:07 UTC
Sourceware 19787 None None None 2016-05-06 15:26:37 UTC

Description Florian Weimer 2016-05-06 15:26:07 UTC
getnameinfo suffers from a memory leak if a scratch buffer is not freed.

In addition, truncation checks are wrong and getnameinfo can fail to return EAI_OVERFLOW.

Comment 1 Fedora Update System 2016-05-07 17:20:01 UTC
glibc-2.22-15.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-68abc0be35

Comment 2 Fedora Update System 2016-05-08 16:25:44 UTC
glibc-2.22-15.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-68abc0be35

Comment 3 Florian Weimer 2016-05-09 09:08:54 UTC
Fixed with these new 2.23 backports:

commit f8020794aea5d4feb38683fc8301ee04a4fc4759
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed May 4 14:45:17 2016 +0200

    getnameinfo: Return EAI_OVERFLOW in more cases [BZ #19787]
    
    The AF_LOCAL and AF_INET/AF_INET6 non-numeric service conversion
    did not return EAI_OVERFLOW if the supplied buffer was too small,
    silently returning truncated data.  In the AF_INET/AF_INET6
    numeric cases, the snprintf return value checking was incorrect.
    
    (cherry picked from commit 066746783d6c6c0f61b39c741177e24a9b398a20)

commit 05d2606fa110a8afd85419d969a6d55bf88efb0f
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed May 4 14:35:23 2016 +0200

    getnameinfo: Avoid calling strnlen on uninitialized buffer
    
    In the numeric AF_INET/AF_INET6 case, if inet_ntop fails
    as the result of a short host buffer, we used to call strnlen
    on the uninitialized host buffer.
    
    (cherry picked from commit 1c3490d4b29fc5b3f30dd6b13082046aee94443d)

commit c5aae1035cac6305a111e3461af23a924914d9f5
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed May 4 14:35:12 2016 +0200

    getnameinfo: Reduce line length and add missing comments
    
    (cherry picked from commit c9b0e6a432e827b61f12eb52c2aaeadc77b64461)

commit e5bcbfc23b356b62ebfcd1943655eab45a9ca87c
Author: Florian Weimer <fweimer@redhat.com>
Date:   Fri Apr 29 17:08:06 2016 +0200

    getnameinfo: Refactor and fix memory leak [BZ #19642]
    
    Split getnameinfo into separate functions for host and service
    lookups, and for different address families.
    
    (cherry picked from commit 2dce81a319601e1ee110f7316f705b48c5686e72)

commit 42a496388d00a6eb781e0b1c6754ae1f38790531
Author: Florian Weimer <fweimer@redhat.com>
Date:   Thu Apr 28 17:41:49 2016 +0200

    getnameinfo: Do not preserve errno
    
    POSIX does not require it, the companion getaddrinfo implementation
    does not do it, and this behavior is not documented in the manual
    page, either.
    
    (cherry picked from commit 2b54cbce2c363ab6ae89d10657d7465858116d7a)
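
The two numeric-conversion checks that the commit messages in Comment 3 describe, as an added example (not glibc's code and not part of the bug report). The function names and the sample address 192.0.2.10:8080 are hypothetical, and the flawed check is an illustrative pattern, not a quote of the old glibc source.

```c
#define _POSIX_C_SOURCE 200809L
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Flawed pattern (illustrative): snprintf signals truncation by returning
   a value >= the buffer size, not a negative value, so this check lets
   truncated output through as success.  */
static int serv_numeric_flawed(unsigned port, char *serv, size_t servlen)
{
    return snprintf(serv, servlen, "%u", port) < 0 ? EAI_OVERFLOW : 0;
}

/* Correct check: output that does not fit, terminator included, is an
   overflow and must be reported to the caller.  */
static int serv_numeric_checked(unsigned port, char *serv, size_t servlen)
{
    int n = snprintf(serv, servlen, "%u", port);
    return (n < 0 || (size_t) n >= servlen) ? EAI_OVERFLOW : 0;
}

/* Numeric IPv4 host conversion.  When inet_ntop fails on a short buffer,
   the buffer may never have been written: return without reading it
   (no strnlen on host in the failure path).  */
static int host_numeric_checked(const struct sockaddr_in *sa,
                                char *host, socklen_t hostlen)
{
    return inet_ntop(AF_INET, &sa->sin_addr, host, hostlen) == NULL
           ? EAI_OVERFLOW : 0;
}

/* Constructed sample address from the documentation range.  */
static struct sockaddr_in sample_addr(void)
{
    struct sockaddr_in sa;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = htons(8080);
    inet_pton(AF_INET, "192.0.2.10", &sa.sin_addr);
    return sa;
}

int main(void)
{
    struct sockaddr_in sa = sample_addr();
    char host[8], serv[3];               /* deliberately too small */
    int flawed = serv_numeric_flawed(ntohs(sa.sin_port), serv, sizeof serv);
    printf("flawed=%d serv=\"%s\"\n", flawed, serv);
    printf("checked=%d host=%d\n",
           serv_numeric_checked(ntohs(sa.sin_port), serv, sizeof serv),
           host_numeric_checked(&sa, host, sizeof host));
    return 0;
}
```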

Comment 4 Fedora Update System 2016-05-09 14:57:07 UTC
glibc-2.23.1-6.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-b321728d74

Comment 5 Fedora Update System 2016-05-10 17:57:49 UTC
glibc-2.22-15.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Comment 6 Fedora Update System 2016-05-10 20:30:19 UTC
glibc-2.23.1-6.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-b321728d74

Comment 7 Fedora Update System 2016-05-11 13:55:35 UTC
glibc-2.23.1-7.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-b321728d74

Comment 8 Fedora Update System 2016-05-12 09:44:15 UTC
glibc-2.23.1-7.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-b321728d74

Comment 9 Fedora Update System 2016-05-14 23:30:11 UTC
glibc-2.23.1-7.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.

