public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug network/16002] New: calls to getaddrinfo() can segfault with large numbers of local ipaddrs.
@ 2013-10-04 20:18 dbavatar at gmail dot com
2013-10-08 19:17 ` [Bug network/16002] " neleai at seznam dot cz
` (6 more replies)
0 siblings, 7 replies; 8+ messages in thread
From: dbavatar at gmail dot com @ 2013-10-04 20:18 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16002
Bug ID: 16002
Summary: calls to getaddrinfo() can segfault with large numbers
of local ipaddrs.
Product: glibc
Version: 2.18
Status: NEW
Severity: normal
Priority: P2
Component: network
Assignee: unassigned at sourceware dot org
Reporter: dbavatar at gmail dot com
__check_pf() uses alloca() without checking input size (list of local ipaddrs),
eventually this will exceed the stack and segfault. Needs to be converted to
alloca_account with malloc fallback. Patch being send to libc-alpha.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug network/16002] calls to getaddrinfo() can segfault with large numbers of local ipaddrs.
2013-10-04 20:18 [Bug network/16002] New: calls to getaddrinfo() can segfault with large numbers of local ipaddrs dbavatar at gmail dot com
@ 2013-10-08 19:17 ` neleai at seznam dot cz
2014-03-24 14:21 ` schwab@linux-m68k.org
` (5 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: neleai at seznam dot cz @ 2013-10-08 19:17 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16002
Ondrej Bilka <neleai at seznam dot cz> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mkubecek at suse dot cz
--- Comment #1 from Ondrej Bilka <neleai at seznam dot cz> ---
*** Bug 14806 has been marked as a duplicate of this bug. ***
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug network/16002] calls to getaddrinfo() can segfault with large numbers of local ipaddrs.
2013-10-04 20:18 [Bug network/16002] New: calls to getaddrinfo() can segfault with large numbers of local ipaddrs dbavatar at gmail dot com
2013-10-08 19:17 ` [Bug network/16002] " neleai at seznam dot cz
@ 2014-03-24 14:21 ` schwab@linux-m68k.org
2014-03-24 15:07 ` cvs-commit at gcc dot gnu.org
` (4 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: schwab@linux-m68k.org @ 2014-03-24 14:21 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16002
--- Comment #2 from Andreas Schwab <schwab@linux-m68k.org> ---
# ip li add name dummy0 type dummy
# site_id=$(head -c6 /dev/urandom | od -tx2 -An | tr ' ' ':')
# for ((i = 0; i < 65536; i++)) do
> ip ad ad $(printf fd80$site_id::%04x $i)/128 dev dummy0
> done
# (ulimit -s 900; getent ahosts localhost)
# ip li de dummy0
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug network/16002] calls to getaddrinfo() can segfault with large numbers of local ipaddrs.
2013-10-04 20:18 [Bug network/16002] New: calls to getaddrinfo() can segfault with large numbers of local ipaddrs dbavatar at gmail dot com
2013-10-08 19:17 ` [Bug network/16002] " neleai at seznam dot cz
2014-03-24 14:21 ` schwab@linux-m68k.org
@ 2014-03-24 15:07 ` cvs-commit at gcc dot gnu.org
2014-03-24 15:14 ` schwab@linux-m68k.org
` (3 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2014-03-24 15:07 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16002
--- Comment #3 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 44152e4b05fcc8bae5628cdb37342d9b7bd5ac3c (commit)
from b376a11a19aa7b64107081e4eed2327c25a131be (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=44152e4b05fcc8bae5628cdb37342d9b7bd5ac3c
commit 44152e4b05fcc8bae5628cdb37342d9b7bd5ac3c
Author: Andreas Schwab <schwab@suse.de>
Date: Mon Mar 24 11:06:30 2014 +0100
Account for alloca use when collecting interface addresses (bug 16002)
To reproduce:
# ip li add name dummy0 type dummy
# site_id=$(head -c6 /dev/urandom | od -tx2 -An | tr ' ' ':')
# for ((i = 0; i < 65536; i++)) do
> ip ad ad $(printf fd80$site_id::%04x $i)/128 dev dummy0
> done
# (ulimit -s 900; getent ahosts localhost)
# ip li de dummy0
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 6 ++++++
NEWS | 6 +++---
sysdeps/unix/sysv/linux/check_pf.c | 32 ++++++++++++++++++++++++++++----
3 files changed, 37 insertions(+), 7 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug network/16002] calls to getaddrinfo() can segfault with large numbers of local ipaddrs.
2013-10-04 20:18 [Bug network/16002] New: calls to getaddrinfo() can segfault with large numbers of local ipaddrs dbavatar at gmail dot com
` (2 preceding siblings ...)
2014-03-24 15:07 ` cvs-commit at gcc dot gnu.org
@ 2014-03-24 15:14 ` schwab@linux-m68k.org
2014-03-24 15:18 ` schwab@linux-m68k.org
` (2 subsequent siblings)
6 siblings, 0 replies; 8+ messages in thread
From: schwab@linux-m68k.org @ 2014-03-24 15:14 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16002
Andreas Schwab <schwab@linux-m68k.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Version|2.18 |2.20
Resolution|--- |FIXED
--- Comment #4 from Andreas Schwab <schwab@linux-m68k.org> ---
Fixed in 2.20.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug network/16002] calls to getaddrinfo() can segfault with large numbers of local ipaddrs.
2013-10-04 20:18 [Bug network/16002] New: calls to getaddrinfo() can segfault with large numbers of local ipaddrs dbavatar at gmail dot com
` (3 preceding siblings ...)
2014-03-24 15:14 ` schwab@linux-m68k.org
@ 2014-03-24 15:18 ` schwab@linux-m68k.org
2014-06-13 12:42 ` fweimer at redhat dot com
2023-07-29 14:11 ` sam at gentoo dot org
6 siblings, 0 replies; 8+ messages in thread
From: schwab@linux-m68k.org @ 2014-03-24 15:18 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16002
Andreas Schwab <schwab@linux-m68k.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Version|2.20 |2.18
Target Milestone|--- |2.20
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug network/16002] calls to getaddrinfo() can segfault with large numbers of local ipaddrs.
2013-10-04 20:18 [Bug network/16002] New: calls to getaddrinfo() can segfault with large numbers of local ipaddrs dbavatar at gmail dot com
` (4 preceding siblings ...)
2014-03-24 15:18 ` schwab@linux-m68k.org
@ 2014-06-13 12:42 ` fweimer at redhat dot com
2023-07-29 14:11 ` sam at gentoo dot org
6 siblings, 0 replies; 8+ messages in thread
From: fweimer at redhat dot com @ 2014-06-13 12:42 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16002
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Flags| |security-
--- Comment #5 from Florian Weimer <fweimer at redhat dot com> ---
Administrator privileges are required to add interface address, so this does
not cross a trust boundary.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 8+ messages in thread
* [Bug network/16002] calls to getaddrinfo() can segfault with large numbers of local ipaddrs.
2013-10-04 20:18 [Bug network/16002] New: calls to getaddrinfo() can segfault with large numbers of local ipaddrs dbavatar at gmail dot com
` (5 preceding siblings ...)
2014-06-13 12:42 ` fweimer at redhat dot com
@ 2023-07-29 14:11 ` sam at gentoo dot org
6 siblings, 0 replies; 8+ messages in thread
From: sam at gentoo dot org @ 2023-07-29 14:11 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16002
Sam James <sam at gentoo dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |sam at gentoo dot org
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2023-07-29 14:11 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-10-04 20:18 [Bug network/16002] New: calls to getaddrinfo() can segfault with large numbers of local ipaddrs dbavatar at gmail dot com
2013-10-08 19:17 ` [Bug network/16002] " neleai at seznam dot cz
2014-03-24 14:21 ` schwab@linux-m68k.org
2014-03-24 15:07 ` cvs-commit at gcc dot gnu.org
2014-03-24 15:14 ` schwab@linux-m68k.org
2014-03-24 15:18 ` schwab@linux-m68k.org
2014-06-13 12:42 ` fweimer at redhat dot com
2023-07-29 14:11 ` sam at gentoo dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).