From 8ec3f656d6edf6f16216105131fc8b0542216a5b Mon Sep 17 00:00:00 2001 From: Andreas Schwab Date: Mon, 11 Nov 2013 12:24:42 +0100 Subject: [PATCH] Fix off-by-one in nscd getservbyport call --- ChangeLog | 6 ++++++ NEWS | 2 +- nscd/nscd_getserv_r.c | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index b70b51adb4..a35541e0e0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2013-11-11 Andreas Schwab + + [BZ #16153] + * nscd/nscd_getserv_r.c (__nscd_getservbyport_r): Don't include + terminating NUL in key length. + 2013-11-08 Adhemerval Zanella * sysdeps/unix/sysv/linux/powerpc/bits/libc-vdso.h (VDSO_IFUNC_RET): diff --git a/NEWS b/NEWS index 6a727246ac..e92f5fc17b 100644 --- a/NEWS +++ b/NEWS @@ -17,7 +17,7 @@ Version 2.19 15844, 15847, 15849, 15855, 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893, 15895, 15897, 15905, 15909, 15917, 15919, 15921, 15923, 15939, 15948, 15963, 15966, 15985, 15988, 16032, 16034, 16036, - 16037, 16041, 16071, 16072, 16074, 16078, 16112. + 16037, 16041, 16071, 16072, 16074, 16078, 16112, 16153. * CVE-2012-4412 The strcoll implementation caches indices and rules for large collation sequences to optimize multiple passes. This cache diff --git a/nscd/nscd_getserv_r.c b/nscd/nscd_getserv_r.c index c9c890c63c..772825854d 100644 --- a/nscd/nscd_getserv_r.c +++ b/nscd/nscd_getserv_r.c @@ -54,7 +54,7 @@ __nscd_getservbyport_r (int port, const char *proto, portstr[sizeof (portstr) - 1] = '\0'; char *cp = _itoa_word (port, portstr + sizeof (portstr) - 1, 10, 0); - return nscd_getserv_r (cp, portstr + sizeof (portstr) - cp, proto, + return nscd_getserv_r (cp, portstr + sizeof (portstr) - 1 - cp, proto, GETSERVBYPORT, result_buf, buf, buflen, result); } -- 2.11.4.GIT