F23 System Wide Change: Default Local DNS Resolver
Andrew Lutomirski
luto at mit.edu
Tue Jun 2 16:24:20 UTC 2015
On Tue, Jun 2, 2015 at 2:44 AM, Florian Weimer <fweimer at redhat.com> wrote:
> On 06/01/2015 10:57 PM, Andrew Lutomirski wrote:
>
>> This is glibc we're talking about, though. Have you tried to get a
>> glibc bug fixed? It's not a pleasant experience.
>
> It is possible, but it requires effort. Admittedly, sometimes that
> effort appears disproportionate to what is being fixed.
>
> In this particularly case, only *very* few people are familiar with
> resolv/, and test coverage for that part is extremely poor.
>
>> For example, the bug I reported has a candidate patch. That patch
>> isn't applied, and the patch looks like the bug might be a security
>> issue. It's been in that state for months. This is not unusual for
>> glibc.
>
> Can you explain why you think it is a security issue?
I don't have any very specific reason, but it's a load from an array
with the entirely wrong index, and the code is inscrutable. I don't
know whether n is attacker-controlled.
As a mitigating factor, it's a load, so it's probably not so terrible.
Regardless, this seems like a bug wrangling failure. The fix was
committed AFAICT, but no one updated the bug.
--Andy
More information about the devel
mailing list