From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <glibc-bugs-return-27195-listarch-glibc-bugs=sources.redhat.com@sourceware.org>
Received: (qmail 1882 invoked by alias); 28 Jan 2015 12:10:12 -0000
Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs@sourceware.org>
List-Help: <mailto:glibc-bugs-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-owner@sourceware.org
Received: (qmail 1782 invoked by uid 48); 28 Jan 2015 12:10:07 -0000
From: "lauri.love at gmail dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) (CVE-2015-0235)
Date: Wed, 28 Jan 2015 12:10:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: network
X-Bugzilla-Version: 2.17
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: lauri.love at gmail dot com
X-Bugzilla-Status: RESOLVED
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: 2.18
X-Bugzilla-Flags: security+
X-Bugzilla-Changed-Fields:
Message-ID: <bug-15014-131-K8Ff4bmQJQ@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-15014-131@http.sourceware.org/bugzilla/>
References: <bug-15014-131@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2015-01/txt/msg00220.txt.bz2

https://sourceware.org/bugzilla/show_bug.cgi?id=15014

--- Comment #5 from nsh <lauri.love at gmail dot com> ---
I appreciate that from the bug metadata it's not apparent at all, and (now)
appreciate the work that has been and continues to be put into evaluating
security implications of bugs. In this case, at least, even a trivial grep of
the diff for 'buffer' would flag a mind suitably predisposed towards suspicion.

Could there be some more low-hanging automated patch-analysis fruits? Perhaps
there exists some static analysis tool designed to classify along these lines,
or if not, some more general tool might be specialized to the task. 

I should look into it and try a little myself, I suppose, to see if I'm being
over optimistic about the like reward to invested effort. 

Best, 
nsh

-- 
You are receiving this mail because:
You are on the CC list for the bug.