From patchwork Fri Mar 25 19:01:05 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 11525 Received: (qmail 45265 invoked by alias); 25 Mar 2016 19:01:10 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 45252 invoked by uid 89); 25 Mar 2016 19:01:10 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.9 required=5.0 tests=BAYES_00, KAM_LAZY_DOMAIN_SECURITY, RP_MATCHES_RCVD, SPF_HELO_PASS autolearn=ham version=3.3.2 spammy= X-HELO: mx1.redhat.com To: GNU C Library From: Florian Weimer Subject: [PATCH] nss_dns: Fix assertion failure in _nss_dns_getcanonname_r [BZ #19865] Message-ID: <56F58AF1.3000908@redhat.com> Date: Fri, 25 Mar 2016 20:01:05 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 As explained in the bug, this function seems to be dead code in typical configurations, so there does not seem to be any security impact. Florian 2016-03-25 Florian Weimer [BZ #19865] * resolv/nss_dns/dns-canon.c (_nss_dns_getcanonname_r): Restore original buffer before retry. diff --git a/resolv/nss_dns/dns-canon.c b/resolv/nss_dns/dns-canon.c index 5c5c6db..072104f 100644 --- a/resolv/nss_dns/dns-canon.c +++ b/resolv/nss_dns/dns-canon.c @@ -154,6 +154,13 @@ _nss_dns_getcanonname_r (const char *name, char *buffer, size_t buflen, ptr += rdatalen; } } + + /* Restore original buffer before retry. */ + if (ansp.ptr != buf) + { + free (ansp.ptr); + ansp.ptr = buf; + } } out: