From 7e5f0e0d95989d54d7cf12b7df6aba1f344710fb Mon Sep 17 00:00:00 2001
From: cvh
Date: Wed, 22 Nov 2017 14:19:25 +0100
Subject: [PATCH] nss-mdns: update to 47edc38
---
 packages/network/nss-mdns/package.mk | 20 +++---
 .../patches/nss-mdns-fix-out-of-bounds.patch | 70 +++++++++++++++++++
 2 files changed, 80 insertions(+), 10 deletions(-)
 create mode 100644 packages/network/nss-mdns/patches/nss-mdns-fix-out-of-bounds.patch
diff --git a/packages/network/nss-mdns/package.mk b/packages/network/nss-mdns/package.mk
index 78b3b89d42..53848cd1de 100644
--- a/packages/network/nss-mdns/package.mk
+++ b/packages/network/nss-mdns/package.mk
@@ -17,22 +17,22 @@
 ################################################################################
 PKG_NAME="nss-mdns"
-PKG_VERSION="0.10"
-PKG_SHA256="1e683c2e7c3921814706d62fbbd3e9cbf493a75fa00255e0e715508d8134fa6d"
+PKG_VERSION="47edc38"
+PKG_SHA256="f02e8baeceea30e82a2ecdaa8cafdbcabfdaa33a766f6942e7dc8aa81948f7b6"
 PKG_ARCH="any"
 PKG_LICENSE="GPL"
-PKG_SITE="http://0pointer.de/lennart/projects/nss-mdns/"
-# PKG_URL="http://0pointer.de/lennart/projects/nss-mdns/$PKG_NAME-$PKG_VERSION.tar.gz"
-PKG_URL="http://sources.openelec.tv/mirror/nss-mdns/$PKG_NAME-$PKG_VERSION.tar.gz"
+PKG_SITE="https://github.com/lathiat/nss-mdns"
+PKG_URL="https://github.com/lathiat/nss-mdns/archive/$PKG_VERSION.tar.gz"
 PKG_DEPENDS_TARGET="toolchain avahi"
 PKG_SECTION="network"
 PKG_SHORTDESC="nss-mdns is a plugin for nss to allow name resolution via Multicast DNS."
-PKG_LONGDESC="nss-mdns is a plugin for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc) providing host name resolution via Multicast DNS (aka Zeroconf, aka Apple Rendezvous, aka Apple Bonjour), effectively allowing name resolution by common Unix/Linux programs in the ad-hoc mDNS domain .local."
+PKG_LONGDESC="nss-mdns is a plugin for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc) providing host name resolution via Multicast DNS"
+PKG_TOOLCHAIN="autotools"
-PKG_CONFIGURE_OPTS_TARGET="--disable-lynx \
- --enable-avahi \
- --disable-legacy \
- --disable-search-domains"
+makeinstall_target() {
+ mkdir -p $SYSROOT_PREFIX/usr/lib
+ cp -P $PKG_BUILD/.$TARGET_NAME/src/.libs/libnss_mdns_minimal.so.2 $SYSROOT_PREFIX/usr/lib
+}
 post_makeinstall_target() {
 mkdir -p $INSTALL/etc
diff --git a/packages/network/nss-mdns/patches/nss-mdns-fix-out-of-bounds.patch b/packages/network/nss-mdns/patches/nss-mdns-fix-out-of-bounds.patch
new file mode 100644
index 0000000000..a7fe5edb79
--- /dev/null
+++ b/packages/network/nss-mdns/patches/nss-mdns-fix-out-of-bounds.patch
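Review bot: `PKG_VERSION="47edc38"` in the package.mk hunk pins upstream by an abbreviated commit id, and the archive URL built from it stays resolvable only as long as that prefix remains unique in the upstream repository. PKG_SHA256 still protects the tarball content, but a full id, `PKG_VERSION="<full 40-character commit id>"`, keeps the source reference unambiguous and easier to audit. The same hunk drops `--enable-avahi`, `--disable-legacy` and `--disable-search-domains` without comment; if the new snapshot still offers those switches, confirm that its defaults match what was shipped before. `post_makeinstall_target` continues outside the hunk.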
@@ -0,0 +1,70 @@
+From 29fdeb2387e3a9cd49d5b1aa09ca23cdea60b91a Mon Sep 17 00:00:00 2001
+From: Sergei Trofimovich
+Date: Tue, 15 Aug 2017 09:45:29 +0100
+Subject: [PATCH] src/nss.c: fix out-of-bounds memset()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+out-of-bounds access happens at memset() call site:
+
+ @@ -272,9 +272,9 @@ enum nss_status _nss_mdns_gethostbyname4_r(
+ // Copy address
+ memcpy(&(tuple->addr), &(u.data.result[i].address), address_length);
+ if(address_length < sizeof(ipv6_address_t)) {
+ memset((&(tuple->addr) + address_length - sizeof(ipv6_address_t)), 0,
+ (sizeof(ipv6_address_t) - address_length)
+ );
+ }
+
+The problem here is in 'addr' type:
+ struct gaih_addrtuple {
+ ...
+ uint32_t addr[4];
+ ...
+ };
+
+It means pointer addressing is not byte-based as offsets imply and memset()
+wipes 12 bytes in hearby memory (of stack in glibc case).
+
+valgrind detects the overflow as:
+
+ ==12732== Invalid write of size 1
+ ==12732== at 0x4C11A29: memset (vg_replace_strmem.c:1239)
+ ==12732== by 0x57FA348: _nss_mdns_minimal_gethostbyname4_r (nss.c:292)
+ ==12732== by 0x4F016D8: gaih_inet.constprop.7 (getaddrinfo.c:806)
+ ==12732== by 0x4F02673: getaddrinfo (getaddrinfo.c:2317)
+ ==12732== by 0x4800B3B: main (a.c:34)
+
+The effect is SIGSEGV-ing getaddrinfo() call on systems with
+the following nsswitch.conf:
+
+ hosts: files mdns_minimal [NOTFOUND=return] dns
+
+The fix is to simplify memset()/memcpy() sequence.
+
+Reported-by: Michał Górny
+Bug: https://bugs.gentoo.org/627770
+Signed-off-by: Sergei Trofimovich
+---
+ src/nss.c | 6 +-----
+ 1 file changed, 1 insertion(+), 5 deletions(-)
+
+diff --git a/src/nss.c b/src/nss.c
+index ebb887c..1f50bad 100644
+--- a/src/nss.c
++++ b/src/nss.c
+@@ -271,12 +271,8 @@ enum nss_status _nss_mdns_gethostbyname4_r(
+ tuple->family = u.data.result[i].af;
+
+ // Copy address
++ memset(&(tuple->addr), 0, sizeof(ipv6_address_t));
+ memcpy(&(tuple->addr), &(u.data.result[i].address), address_length);
+- if(address_length < sizeof(ipv6_address_t)) {
+- memset((&(tuple->addr) + address_length - sizeof(ipv6_address_t)), 0,
+- (sizeof(ipv6_address_t) - address_length)
+- );
+- }
+
+ // Assign interface scope id
+ tuple->scopeid = u.data.result[i].scopeid;
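Review bot: In the nested src/nss.c hunk the new `memset` is sized by `sizeof(ipv6_address_t)` while it writes into `tuple->addr`, so it stays in bounds only as long as that type and the `uint32_t addr[4]` field quoted in the commit message have the same size. Sizing by the destination, `memset(&(tuple->addr), 0, sizeof(tuple->addr));`, removes that coupling. The `memcpy` that follows still trusts `address_length`, which is computed outside the hunk; it is presumably derived from the address family, but that should be confirmed, or a guard such as `if (address_length > sizeof(tuple->addr))` added before the copy. `_nss_mdns_gethostbyname4_r` begins and ends outside the hunk.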