From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp-out1.suse.de (smtp-out1.suse.de [IPv6:2001:67c:2178:6::1c]) by sourceware.org (Postfix) with ESMTPS id 330183858CDA; Thu, 14 Sep 2023 08:37:15 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 330183858CDA Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=suse.de Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=suse.de Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out1.suse.de (Postfix) with ESMTP id 6A8CE2185E; Thu, 14 Sep 2023 08:37:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1694680634; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=u9ZDk0VFJdezzjFvSgJlKnHi8GGqcwNUU/CHFQB+nG8=; b=yyAfBLJZshxWXQC3cHZ8PWbbXmWIr8p9J5vQS7XQ4xD+ZCRN/IVfBqoe2FlHa/ig8h5g/l lD3EfdWR+XQ1z4j4MG6qM+kdV+uh0msmg5y1BJD6HUim0brzCp6b8bM1bk7X064i/Aq1zD /UrfBjzkG+XlD0Kn0o+K5vTxuVx3UyQ= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1694680634; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=u9ZDk0VFJdezzjFvSgJlKnHi8GGqcwNUU/CHFQB+nG8=; b=vlYuST/wvEW/ocOVZG9QOjHGgTUWNjtv9H6knhAVanO+CES4WENlWZXRJxJUft7Wi13uGo 3gHfj/tfIv3ehCAg== Received: from hawking.nue2.suse.org (unknown [10.168.4.11]) by relay2.suse.de (Postfix) with ESMTP id 580122C142; Thu, 14 Sep 2023 08:37:14 +0000 (UTC) Received: by hawking.nue2.suse.org (Postfix, from userid 17005) id 5A0824A04BB; Thu, 14 Sep 2023 10:37:14 +0200 (CEST) From: Andreas Schwab To: Siddhesh Poyarekar Cc: libc-alpha@sourceware.org, fweimer@redhat.com, carlos@redhat.com Subject: Re: [PATCH v2] getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806) In-Reply-To: <20230913205628.3113433-1-siddhesh@sourceware.org> (Siddhesh Poyarekar's message of "Wed, 13 Sep 2023 16:56:28 -0400") References: <20230913173638.3067388-1-siddhesh@sourceware.org> <20230913205628.3113433-1-siddhesh@sourceware.org> X-Yow: Yow! Are you the self-frying president? Date: Thu, 14 Sep 2023 10:37:14 +0200 Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Status: No, score=-9.2 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,KAM_SHORT,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On Sep 13 2023, Siddhesh Poyarekar wrote: > diff --git a/nss/tst-nss-gai-hv2-canonname.c b/nss/tst-nss-gai-hv2-canonname.c > new file mode 100644 > index 0000000000..d5f10c07d6 > --- /dev/null > +++ b/nss/tst-nss-gai-hv2-canonname.c > @@ -0,0 +1,63 @@ > +/* Test NSS query path for plugins that only implement gethostbyname2 > + (#30843). > + Copyright The GNU Toolchain Authors. > + This file is part of the GNU C Library. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + . */ > + > +#include > +#include > +#include > +#include > +#include > +#include > +#include "nss/tst-nss-gai-hv2-canonname.h" > + > +#define PREPARE do_prepare > + > +static void do_prepare (int a, char **av) > +{ > + FILE *hosts = xfopen ("/etc/hosts", "w"); Doesn't that mean the test needs to be run as root? -- Andreas Schwab, SUSE Labs, schwab@suse.de GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7 "And now for something completely different."