[dns-operations] CVE-2015-7547: glibc getaddrinfo buffer overflow
Robert Edmonds
edmonds at mycre.ws
Wed Feb 17 21:12:55 UTC 2016
Florian Weimer wrote:
> I'm happy to answer technical questions and clarify our analysis.

getaddrinfo() has been blamed a lot (e.g. VU#457759: "The getaddrinfo()
function allows a buffer overflow condition in which arbitrary code may
be executed"), but is it correct that the vulnerable code was actually
in glibc's libresolv and not the "front end" getaddrinfo() code? (It
looks like the fixes to nss_dns were cleanups to make testing more
deterministic.)

That is, the vulnerable version of glibc could be safely used with an
alternative 'hosts' NSS module, because the vulnerable code would never
be reached? (Not that I am proposing this as a workaround.)

--
Robert Edmonds