* [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34)
2013-01-12 21:41 [Bug network/15014] New: gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) peter.klotz99 at gmail dot com
@ 2013-04-15 11:33 ` siddhesh at redhat dot com
2013-04-15 13:02 ` siddhesh at redhat dot com
` (7 subsequent siblings)
8 siblings, 0 replies; 10+ messages in thread
From: siddhesh at redhat dot com @ 2013-04-15 11:33 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=15014
Siddhesh Poyarekar <siddhesh at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |siddhesh at redhat dot com
AssignedTo|unassigned at sourceware |siddhesh at redhat dot com
|dot org |
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34)
2013-01-12 21:41 [Bug network/15014] New: gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) peter.klotz99 at gmail dot com
2013-04-15 11:33 ` [Bug network/15014] " siddhesh at redhat dot com
@ 2013-04-15 13:02 ` siddhesh at redhat dot com
2013-05-21 10:57 ` schwab@linux-m68k.org
` (6 subsequent siblings)
8 siblings, 0 replies; 10+ messages in thread
From: siddhesh at redhat dot com @ 2013-04-15 13:02 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=15014
Siddhesh Poyarekar <siddhesh at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|siddhesh at redhat dot com |unassigned at sourceware
| |dot org
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34)
2013-01-12 21:41 [Bug network/15014] New: gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) peter.klotz99 at gmail dot com
2013-04-15 11:33 ` [Bug network/15014] " siddhesh at redhat dot com
2013-04-15 13:02 ` siddhesh at redhat dot com
@ 2013-05-21 10:57 ` schwab@linux-m68k.org
2014-06-13 19:04 ` fweimer at redhat dot com
` (5 subsequent siblings)
8 siblings, 0 replies; 10+ messages in thread
From: schwab@linux-m68k.org @ 2013-05-21 10:57 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=15014
Andreas Schwab <schwab@linux-m68k.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
Target Milestone|--- |2.18
--- Comment #1 from Andreas Schwab <schwab@linux-m68k.org> 2013-05-21 10:57:13 UTC ---
Fixed by d5dd618
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34)
2013-01-12 21:41 [Bug network/15014] New: gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) peter.klotz99 at gmail dot com
` (2 preceding siblings ...)
2013-05-21 10:57 ` schwab@linux-m68k.org
@ 2014-06-13 19:04 ` fweimer at redhat dot com
2015-01-27 15:07 ` [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) (CVE-2015-0235) fweimer at redhat dot com
` (4 subsequent siblings)
8 siblings, 0 replies; 10+ messages in thread
From: fweimer at redhat dot com @ 2014-06-13 19:04 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=15014
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Flags| |security-
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) (CVE-2015-0235)
2013-01-12 21:41 [Bug network/15014] New: gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) peter.klotz99 at gmail dot com
` (3 preceding siblings ...)
2014-06-13 19:04 ` fweimer at redhat dot com
@ 2015-01-27 15:07 ` fweimer at redhat dot com
2015-01-27 23:41 ` lauri.love at gmail dot com
` (3 subsequent siblings)
8 siblings, 0 replies; 10+ messages in thread
From: fweimer at redhat dot com @ 2015-01-27 15:07 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=15014
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Summary|gethostbyname_r() returns |gethostbyname_r() returns
|EINVAL (22) instead of |EINVAL (22) instead of
|ERANGE (34) |ERANGE (34) (CVE-2015-0235)
Alias| |CVE-2015-0235
Flags|security- |security+
--- Comment #2 from Florian Weimer <fweimer at redhat dot com> ---
Per <http://www.frsag.org/pipermail/frsag/2015-January/005722.html>,
CVE-2015-0235 was assigned to this issue.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) (CVE-2015-0235)
2013-01-12 21:41 [Bug network/15014] New: gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) peter.klotz99 at gmail dot com
` (4 preceding siblings ...)
2015-01-27 15:07 ` [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) (CVE-2015-0235) fweimer at redhat dot com
@ 2015-01-27 23:41 ` lauri.love at gmail dot com
2015-01-28 1:59 ` joseph at codesourcery dot com
` (2 subsequent siblings)
8 siblings, 0 replies; 10+ messages in thread
From: lauri.love at gmail dot com @ 2015-01-27 23:41 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=15014
nsh <lauri.love at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |lauri.love at gmail dot com
--- Comment #3 from nsh <lauri.love at gmail dot com> ---
Right, obviously this is with all due deference and respect and I hope nobody
takes it the wrong way and thinks I'm being a dick or anything, but:
Could we take this moment and look back maybe somewhat systematically over
other closed bugs that were deemed of low importance and no security impact
which involved very clearly increasing the size of a buffer so that it becomes
big enough to not get overflowed?
This could save a lot on a lot of shitty logo design and hot air and generally
silliness in the future...
Best,
nsh
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) (CVE-2015-0235)
2013-01-12 21:41 [Bug network/15014] New: gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) peter.klotz99 at gmail dot com
` (5 preceding siblings ...)
2015-01-27 23:41 ` lauri.love at gmail dot com
@ 2015-01-28 1:59 ` joseph at codesourcery dot com
2015-01-28 12:10 ` lauri.love at gmail dot com
2021-11-30 9:14 ` ma.ro.so01234567890 at gmail dot com
8 siblings, 0 replies; 10+ messages in thread
From: joseph at codesourcery dot com @ 2015-01-28 1:59 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=15014
--- Comment #4 from joseph at codesourcery dot com <joseph at codesourcery dot com> ---
Florian *has* reviewed over 3000 past glibc bugs for security impact
(there are a fair number more, mostly older bugs, not yet given a security
flag), but as this case illustrates it may not be apparent from the bug
description that a buffer overrun was involved at all (the subject of this
bug rather suggests a conformance issue with a wrong errno value).
Now, if someone else wants to do their own review of over 3000 bugs with
"security-" flag, and to query cases where they disagree with that
assessment, that would be welcome, but probably also very tedious and not
likely to find many cases of misclassified bugs.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) (CVE-2015-0235)
2013-01-12 21:41 [Bug network/15014] New: gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) peter.klotz99 at gmail dot com
` (6 preceding siblings ...)
2015-01-28 1:59 ` joseph at codesourcery dot com
@ 2015-01-28 12:10 ` lauri.love at gmail dot com
2021-11-30 9:14 ` ma.ro.so01234567890 at gmail dot com
8 siblings, 0 replies; 10+ messages in thread
From: lauri.love at gmail dot com @ 2015-01-28 12:10 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=15014
--- Comment #5 from nsh <lauri.love at gmail dot com> ---
I appreciate that from the bug metadata it's not apparent at all, and (now)
appreciate the work that has been and continues to be put into evaluating
security implications of bugs. In this case, at least, even a trivial grep of
the diff for 'buffer' would flag a mind suitably predisposed towards suspicion.
Could there be some more low-hanging automated patch-analysis fruits? Perhaps
there exists some static analysis tool designed to classify along these lines,
or if not, some more general tool might be specialized to the task.
I should look into it and try a little myself, I suppose, to see if I'm being
over optimistic about the like reward to invested effort.
Best,
nsh
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 10+ messages in thread
* [Bug network/15014] gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) (CVE-2015-0235)
2013-01-12 21:41 [Bug network/15014] New: gethostbyname_r() returns EINVAL (22) instead of ERANGE (34) peter.klotz99 at gmail dot com
` (7 preceding siblings ...)
2015-01-28 12:10 ` lauri.love at gmail dot com
@ 2021-11-30 9:14 ` ma.ro.so01234567890 at gmail dot com
8 siblings, 0 replies; 10+ messages in thread
From: ma.ro.so01234567890 at gmail dot com @ 2021-11-30 9:14 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=15014
Angieng <ma.ro.so01234567890 at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ma.ro.so01234567890 at gmail dot c
| |om
--- Comment #7 from Angieng <ma.ro.so01234567890 at gmail dot com> ---
This is really great. Wanna keep this for future reference.
https://www.toledodeckpros.com
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 10+ messages in thread