Segfault in getifaddrs_internal in glibc-2.20
Commit Message
Hi,
An Arch Linux user has encountered a segfault in getifaddrs_internal:
https://sourceware.org/bugzilla/show_bug.cgi?id=17371
This patch is posted there:
This seems to fix the issue for them. After looking at the code for a
long time, I am still not sure if this is the correct fix. Can anyone
confirm/deny?
Thanks,
Allan
Comments
On 09/13/2014 08:56 AM, Allan McRae wrote:
> An Arch Linux user has encountered a segfault in getifaddrs_internal:
> https://sourceware.org/bugzilla/show_bug.cgi?id=17371
I can't quite wrap my head around this issue. Can this result in memory
corruption and have potential security impact? Thanks.
Florian Weimer <fweimer@redhat.com> writes:
> On 09/13/2014 08:56 AM, Allan McRae wrote:
>
>> An Arch Linux user has encountered a segfault in getifaddrs_internal:
>> https://sourceware.org/bugzilla/show_bug.cgi?id=17371
>
> I can't quite wrap my head around this issue. Can this result in memory
> corruption and have potential security impact? Thanks.
It's effectively the same issue as 15698.
Andreas.
b/sysdeps/unix/sysv/linux/ifaddrs.c
@@ -774,7 +774,7 @@ getifaddrs_internal (struct ifaddrs **ifap)
unsigned int preflen;
if ((max_prefixlen > 0) &&
- (ifam->ifa_prefixlen > max_prefixlen))
+ (max_prefixlen > ifam->ifa_prefixlen))
preflen = max_prefixlen;
else
preflen = ifam->ifa_prefixlen;
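Review bot: The reversed comparison in the if condition, (max_prefixlen > ifam->ifa_prefixlen), no longer caps preflen at max_prefixlen; it makes the assignment behave like a max() where the original behaved like a min(). With the new test, an ifa_prefixlen below max_prefixlen is raised to max_prefixlen, and an ifa_prefixlen above max_prefixlen falls through to the else branch and is used unclamped, which is exactly the case the original (ifam->ifa_prefixlen > max_prefixlen) test bounded. If the segfault disappears with this change, that points at how preflen is consumed further down, in code this hunk does not show, so I would keep the original comparison and review that use instead, including the max_prefixlen == 0 case, where neither version applies any bound to ifa_prefixlen.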