aboutsummaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2013-08-16 09:38:52 +0200
committerAllan McRae <allan@archlinux.org>2013-10-25 23:52:27 +1000
commita3ed3a127ca30b3b25aab0b441f9f3f0ecc07f7e (patch)
treea2ff74fe15a32966388325532c9b9bc3b9242649 /ChangeLog
parent642c8732a111450a97e4ae41c12a920bc7f02ee0 (diff)
downloadglibc-a3ed3a127ca30b3b25aab0b441f9f3f0ecc07f7e.tar.xz
glibc-a3ed3a127ca30b3b25aab0b441f9f3f0ecc07f7e.zip
CVE-2013-4237, BZ #14699: Buffer overflow in readdir_r
* sysdeps/posix/dirstream.h (struct __dirstream): Add errcode member. * sysdeps/posix/opendir.c (__alloc_dir): Initialize errcode member. * sysdeps/posix/rewinddir.c (rewinddir): Reset errcode member. * sysdeps/posix/readdir_r.c (__READDIR_R): Enforce NAME_MAX limit. Return delayed error code. Remove GETDENTS_64BIT_ALIGNED conditional. * sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c: Do not define GETDENTS_64BIT_ALIGNED. * sysdeps/unix/sysv/linux/i386/readdir64_r.c: Likewise. * manual/filesys.texi (Reading/Closing Directory): Document ENAMETOOLONG return value of readdir_r. Recommend readdir more strongly. * manual/conf.texi (Limits for Files): Add portability note to NAME_MAX, PATH_MAX. (Pathconf): Add portability note for _PC_NAME_MAX, _PC_PATH_MAX. (cherry picked from commit 91ce40854d0b7f865cf5024ef95a8026b76096f3) Conflicts: NEWS
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog22
1 files changed, 22 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index fa588c9f9f..7fae731ba8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,25 @@
+2013-08-16 Florian Weimer <fweimer@redhat.com>
+
+ [BZ #14699]
+ CVE-2013-4237
+ * sysdeps/posix/dirstream.h (struct __dirstream): Add errcode
+ member.
+ * sysdeps/posix/opendir.c (__alloc_dir): Initialize errcode
+ member.
+ * sysdeps/posix/rewinddir.c (rewinddir): Reset errcode member.
+ * sysdeps/posix/readdir_r.c (__READDIR_R): Enforce NAME_MAX limit.
+ Return delayed error code. Remove GETDENTS_64BIT_ALIGNED
+ conditional.
+ * sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c: Do not define
+ GETDENTS_64BIT_ALIGNED.
+ * sysdeps/unix/sysv/linux/i386/readdir64_r.c: Likewise.
+ * manual/filesys.texi (Reading/Closing Directory): Document
+ ENAMETOOLONG return value of readdir_r. Recommend readdir more
+ strongly.
+ * manual/conf.texi (Limits for Files): Add portability note to
+ NAME_MAX, PATH_MAX.
+ (Pathconf): Add portability note for _PC_NAME_MAX, _PC_PATH_MAX.
+
2013-08-03 David S. Miller <davem@davemloft.net>
* po/ko.po: Update Korean translation from translation project.
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-30 22:31:35 +0000