diff options
| author | Alexandre Oliva <aoliva@redhat.com> | 2014-11-21 03:29:56 -0200 |
|---|---|---|
| committer | Alexandre Oliva <aoliva@redhat.com> | 2014-11-21 03:29:56 -0200 |
| commit | 4969890247d7d6a548f17641ed5a18f4b713d211 (patch) | |
| tree | 26eeb456373435508696552d794f926f02f74701 /NEWS | |
| parent | 81959214868c9ac9e425fbf0fa3fd9135e207f7e (diff) | |
| download | glibc-4969890247d7d6a548f17641ed5a18f4b713d211.tar.gz | |
BZ#14498: fix infinite loop in nss_db_getservbyname
nss_db uses nss_files code for services, but a continue on protocol
mismatch that doesn't affect nss_files skipped the code that advanced
to the next db entry. Any one of these changes would suffice to fix
it, but fixing both makes them both safer to reuse elsewhere.
for ChangeLog
[BZ #14498]
* NEWS: Fixed.
* nss/nss_db/db-XXX.c (_nss_db_get##name##_r): Update hidx
after parsing line but before break_if_match.
* nss/nss_files/files-service (DB_LOOKUP): Don't "continue;"
if there is a protocol mismatch.
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 8 |
1 files changed, 4 insertions, 4 deletions
@@ -9,10 +9,10 @@ Version 2.21 * The following bugs are resolved with this release: - 6652, 12926, 14132, 14138, 14171, 15215, 15884, 17266, 17344, 17363, - 17370, 17371, 17411, 17460, 17475, 17485, 17501, 17506, 17508, 17522, - 17555, 17570, 17571, 17572, 17573, 17574, 17582, 17583, 17584, 17585, - 17589, 17594, 17616, 17625. + 6652, 12926, 14132, 14138, 14171, 14498, 15215, 15884, 17266, 17344, + 17363, 17370, 17371, 17411, 17460, 17475, 17485, 17501, 17506, 17508, + 17522, 17555, 17570, 17571, 17572, 17573, 17574, 17582, 17583, 17584, + 17585, 17589, 17594, 17616, 17625. * CVE-2104-7817 The wordexp function could ignore the WRDE_NOCMD flag under certain input conditions resulting in the execution of a shell for |