jeans/LibreELEC.tv
jeans/LibreELEC.tv
1
0
Fork 0
mirror of https://github.com/LibreELEC/LibreELEC.tv.git synced 2025-07-29 13:46:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

nss-mdns: update to nss-mdns-0.14.1

Browse Source
This commit is contained in:
MilhouseVH 2019-06-12 22:25:54 +01:00
parent 8a44aff0ae
commit 7fe797c21d
2 changed files with 4 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
packages/network/nss-mdns/package.mk
View File

@ -1,12 +1,13 @@
# SPDX-License-Identifier: GPL-2.0-or-later # SPDX-License-Identifier: GPL-2.0-or-later
# Copyright (C) 2009-2016 Stephan Raue (stephan@openelec.tv) # Copyright (C) 2009-2016 Stephan Raue (stephan@openelec.tv)
# Copyright (C) 2019-present Team LibreELEC (https://libreelec.tv)
PKG_NAME="nss-mdns" PKG_NAME="nss-mdns"
PKG_VERSION="47edc38" PKG_VERSION="0.14.1"
PKG_SHA256="f02e8baeceea30e82a2ecdaa8cafdbcabfdaa33a766f6942e7dc8aa81948f7b6" PKG_SHA256="4fe54bffd20e410fc41382dc6c4708cdfa3a65f50c3753f262dc4c78fd864a6e"
PKG_LICENSE="GPL" PKG_LICENSE="GPL"
PKG_SITE="https://github.com/lathiat/nss-mdns" PKG_SITE="https://github.com/lathiat/nss-mdns"
PKG_URL="https://github.com/lathiat/nss-mdns/archive/$PKG_VERSION.tar.gz" PKG_URL="https://github.com/lathiat/nss-mdns/archive/v$PKG_VERSION.tar.gz"
PKG_DEPENDS_TARGET="toolchain avahi" PKG_DEPENDS_TARGET="toolchain avahi"
PKG_LONGDESC="A plugin for nss to allow name resolution via Multicast DNS." PKG_LONGDESC="A plugin for nss to allow name resolution via Multicast DNS."
PKG_TOOLCHAIN="autotools" PKG_TOOLCHAIN="autotools"

70
packages/network/nss-mdns/patches/nss-mdns-fix-out-of-bounds.patch
View File

@ -1,70 +0,0 @@
From 29fdeb2387e3a9cd49d5b1aa09ca23cdea60b91a Mon Sep 17 00:00:00 2001
From: Sergei Trofimovich <slyfox@gentoo.org>
Date: Tue, 15 Aug 2017 09:45:29 +0100
Subject: [PATCH] src/nss.c: fix out-of-bounds memset()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
out-of-bounds access happens at memset() call site:
@@ -272,9 +272,9 @@ enum nss_status _nss_mdns_gethostbyname4_r(
// Copy address
memcpy(&(tuple->addr), &(u.data.result[i].address), address_length);
if(address_length < sizeof(ipv6_address_t)) {
memset((&(tuple->addr) + address_length - sizeof(ipv6_address_t)), 0,
(sizeof(ipv6_address_t) - address_length)
);
}
The problem here is in 'addr' type:
struct gaih_addrtuple {
...
uint32_t addr[4];
...
};
It means pointer addressing is not byte-based as offsets imply and memset()
wipes 12 bytes in hearby memory (of stack in glibc case).
valgrind detects the overflow as:
==12732== Invalid write of size 1
==12732== at 0x4C11A29: memset (vg_replace_strmem.c:1239)
==12732== by 0x57FA348: _nss_mdns_minimal_gethostbyname4_r (nss.c:292)
==12732== by 0x4F016D8: gaih_inet.constprop.7 (getaddrinfo.c:806)
==12732== by 0x4F02673: getaddrinfo (getaddrinfo.c:2317)
==12732== by 0x4800B3B: main (a.c:34)
The effect is SIGSEGV-ing getaddrinfo() call on systems with
the following nsswitch.conf:
hosts: files mdns_minimal [NOTFOUND=return] dns
The fix is to simplify memset()/memcpy() sequence.
Reported-by: Michał Górny
Bug: https://bugs.gentoo.org/627770
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
---
src/nss.c | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/src/nss.c b/src/nss.c
index ebb887c..1f50bad 100644
--- a/src/nss.c
+++ b/src/nss.c
@@ -271,12 +271,8 @@ enum nss_status _nss_mdns_gethostbyname4_r(
tuple->family = u.data.result[i].af;
// Copy address
+ memset(&(tuple->addr), 0, sizeof(ipv6_address_t));
memcpy(&(tuple->addr), &(u.data.result[i].address), address_length);
- if(address_length < sizeof(ipv6_address_t)) {
- memset((&(tuple->addr) + address_length - sizeof(ipv6_address_t)), 0,
- (sizeof(ipv6_address_t) - address_length)
- );
- }
// Assign interface scope id
tuple->scopeid = u.data.result[i].scopeid;