glibc

AuroraMiddleware/glibc

Fork 0

mirror of https://sourceware.org/git/glibc.git synced 2024-11-22 13:00:06 +00:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Florian Weimer	d42eed4a04	sunrpc: Avoid use-after-free read access in clntudp_call [BZ #21115 ] After commit `bc779a1a5b` (CVE-2016-4429: sunrpc: Do not use alloca in clntudp_call [BZ #20112]), ancillary data is stored on the heap, but it is accessed after it has been freed. The test case must be run under a heap debugger such as valgrind to observe the invalid access. A malloc implementation which immediately calls munmap on free would catch this bug as well.	2017-02-27 19:05:13 +01:00

Florian Weimer

d42eed4a04

sunrpc: Avoid use-after-free read access in clntudp_call [BZ #21115 ]

After commit bc779a1a5b
(CVE-2016-4429: sunrpc: Do not use alloca in clntudp_call
[BZ #20112]), ancillary data is stored on the heap,
but it is accessed after it has been freed.

The test case must be run under a heap debugger such as valgrind
to observe the invalid access.  A malloc implementation which
immediately calls munmap on free would catch this bug as well.

2017-02-27 19:05:13 +01:00

1 Commits