From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from black.elm.relay.mailchannels.net (black.elm.relay.mailchannels.net [23.83.212.19]) by sourceware.org (Postfix) with ESMTPS id C77323858409 for ; Fri, 15 Sep 2023 23:48:06 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org C77323858409 Authentication-Results: sourceware.org; dmarc=fail (p=none dis=none) header.from=sourceware.org Authentication-Results: sourceware.org; spf=fail smtp.mailfrom=sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id B963A6C0C72 for ; Fri, 15 Sep 2023 23:48:05 +0000 (UTC) Received: from pdx1-sub0-mail-a222.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 3D9F96C0B6D for ; Fri, 15 Sep 2023 23:48:05 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1694821685; a=rsa-sha256; cv=none; b=mJy5KPQ6gdnZdRZ49WAw2CrW9PHmBBE3Dw8iojtQzuzFk6oLJQfSlX6S7WEulf7ya6C0hi UPE1ZCWfA083rzL4TEH3TsdToGlSi4X4EhUOivjSpMqSNmfmpdHB9C/2F5XFKrkKmgHHnW +Acd5Xh+VSPNYvIrgTHl7Z3xGgrb6N2FMs0SR8wOez9sxeNnXOiRvemS96feCOxF/b9Aca 0iwb1EWtqcF4bI5x7zMPQSg1ybfv7PXqjSANI54FL0zS1au6zZebsW/l+zTCWBTAN+eOiK klY0LIkDP/xXGUBgQ9kFDWGDiiB9izao8WRUQ7BFIwUZMSS7EDYOyTnmKRugJg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1694821685; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=aYZWe7mMhQAVUxe1XVB7rUeAH0znEsSRGE7I413nFkc=; b=7+8fA7qkPbhOT3mnSknKu7ruZ9Awm7q7Xre0kM5By5VX9c8mo6YHQ5PNNNKjhiOne3JTj6 +JXk8zWrhDdKVuw/OxrYDvf/cmnC4ks1FYW9ntYoFLn6d69lwXdUtPFauPWpekTE8BSAaQ PxQCYjm2IjocBpg++18RcOixiXMSorbBRI/6MebQ7zZ/x3Q8yxSoBrP1KdrsXNxrq1qnru sGRcC7N+SRBX2KkabqqeXZYPb6LxRbGA1VpCygw/DYvvHZuzplRJj5NQwx7OgHw45Bn0CZ GkhIKCy35HgFYnUWwYEkyys0H9p/zwbq+WEphhvTUBrIJXv5c7s8Keq9emIGxg== ARC-Authentication-Results: i=1; rspamd-7d5dc8fd68-bwfcv; auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Stretch-Exultant: 2d551ada7622e358_1694821685450_1747864122 X-MC-Loop-Signature: 1694821685450:1318155363 X-MC-Ingress-Time: 1694821685450 Received: from pdx1-sub0-mail-a222.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.115.138.83 (trex/6.9.1); Fri, 15 Sep 2023 23:48:05 +0000 Received: from fedora.redhat.com (bras-vprn-toroon4834w-lp130-02-142-113-138-41.dsl.bell.ca [142.113.138.41]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a222.dreamhost.com (Postfix) with ESMTPSA id 4RnW8h6Pmnz24 for ; Fri, 15 Sep 2023 16:48:04 -0700 (PDT) From: Siddhesh Poyarekar To: libc-stable@sourceware.org Subject: [pushed 2.35 00/13] Backport gaih_inet refactoring and CVE fix Date: Fri, 15 Sep 2023 19:47:42 -0400 Message-ID: <20230915234755.1148216-1-siddhesh@sourceware.org> X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1165.7 required=5.0 tests=BAYES_00,KAM_DMARC_NONE,KAM_DMARC_STATUS,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_SOFTFAIL,TXREP autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: Backport refactoring of gaih_inet to clean up allocations and fix CVE-2023-4806. Siddhesh Poyarekar (13): nss: Sort tests and tests-container and put one test per line gaih_inet: Simplify canon name resolution getaddrinfo: Fix leak with AI_ALL [BZ #28852] gaih_inet: Simplify service resolution gaih_inet: make numeric lookup a separate routine gaih_inet: Split simple gethostbyname into its own function gaih_inet: Split nscd lookup code into its own function. gaih_inet: separate nss lookup loop into its own function gaih_inet: make gethosts into a function gaih_inet: split loopback lookup into its own function gaih_inet: Split result generation into its own function gethosts: Return EAI_MEMORY on allocation failure getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806) nss/Makefile | 56 +- nss/nss_test_gai_hv2_canonname.c | 56 + nss/tst-nss-gai-hv2-canonname.c | 63 + nss/tst-nss-gai-hv2-canonname.h | 1 + .../postclean.req | 0 .../tst-nss-gai-hv2-canonname.script | 2 + sysdeps/posix/getaddrinfo.c | 1574 +++++++++-------- 7 files changed, 977 insertions(+), 775 deletions(-) create mode 100644 nss/nss_test_gai_hv2_canonname.c create mode 100644 nss/tst-nss-gai-hv2-canonname.c create mode 100644 nss/tst-nss-gai-hv2-canonname.h create mode 100644 nss/tst-nss-gai-hv2-canonname.root/postclean.req create mode 100644 nss/tst-nss-gai-hv2-canonname.root/tst-nss-gai-hv2-canonname.script -- 2.41.0