diff options
author | Ondřej Bílka <neleai@seznam.cz> | 2013-11-07 12:46:57 +0100 |
---|---|---|
committer | Ondřej Bílka <neleai@seznam.cz> | 2013-11-07 12:51:44 +0100 |
commit | e4368156e64e04a204d832351abcb535572eb919 (patch) | |
tree | 764a98186b46f3ef1c611865d092de326fbce675 | |
parent | 8d6bb57c44557c344d56653c3380885bf1dcabd7 (diff) | |
download | glibc-e4368156e64e04a204d832351abcb535572eb919.tar glibc-e4368156e64e04a204d832351abcb535572eb919.tar.gz glibc-e4368156e64e04a204d832351abcb535572eb919.tar.bz2 glibc-e4368156e64e04a204d832351abcb535572eb919.zip |
Make getent services compliant with RFC 6335 section 5.1 Fixes bug 15374
The RFC 6335 allows services that start with digit (like 3com-tsmux).
These were parsed as port number which this patch fixes.
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | NEWS | 14 | ||||
-rw-r--r-- | nss/getent.c | 8 |
3 files changed, 18 insertions, 9 deletions
@@ -1,3 +1,8 @@ +2013-11-07 Ondřej Bílka <neleai@seznam.cz> + + [BZ #15374] + * nss/getent.c (services_keys): Recognize services starting with digit. + 2013-11-06 David S. Miller <davem@davemloft.net> [BZ #15985] @@ -11,13 +11,13 @@ Version 2.19 156, 431, 832, 2801, 7003, 9954, 10278, 11087, 13028, 13982, 13985, 14029, 14155, 14547, 14699, 14752, 14876, 14910, 15048, 15218, 15277, - 15308, 15362, 15400, 15427, 15522, 15531, 15532, 15608, 15609, 15610, - 15632, 15640, 15670, 15672, 15680, 15681, 15723, 15734, 15735, 15736, - 15748, 15749, 15754, 15760, 15763, 15764, 15797, 15799, 15825, 15844, - 15847, 15849, 15855, 15856, 15857, 15859, 15867, 15886, 15887, 15890, - 15892, 15893, 15895, 15897, 15905, 15909, 15917, 15919, 15921, 15923, - 15939, 15948, 15963, 15966, 15985, 15988, 16032, 16034, 16036, 16037, - 16041, 16071, 16072, 16074, 16078, 16112. + 15308, 15362, 15374, 15400, 15427, 15522, 15531, 15532, 15608, 15609, + 15610, 15632, 15640, 15670, 15672, 15680, 15681, 15723, 15734, 15735, + 15736, 15748, 15749, 15754, 15760, 15763, 15764, 15797, 15799, 15825, + 15844, 15847, 15849, 15855, 15856, 15857, 15859, 15867, 15886, 15887, + 15890, 15892, 15893, 15895, 15897, 15905, 15909, 15917, 15919, 15921, + 15923, 15939, 15948, 15963, 15966, 15985, 15988, 16032, 16034, 16036, + 16037, 16041, 16071, 16072, 16074, 16078, 16112. * CVE-2012-4412 The strcoll implementation caches indices and rules for large collation sequences to optimize multiple passes. This cache diff --git a/nss/getent.c b/nss/getent.c index 8a3c864501..05ea80825a 100644 --- a/nss/getent.c +++ b/nss/getent.c @@ -788,8 +788,12 @@ services_keys (int number, char *key[]) if (proto != NULL) *proto++ = '\0'; - if (isdigit (key[i][0])) - serv = getservbyport (htons (atol (key[i])), proto); + char *endptr; + long port = strtol (key[i], &endptr, 10); + + if (isdigit (key[i][0]) && *endptr == '\0' + && 0 <= port && port <= 65535) + serv = getservbyport (htons (port), proto); else serv = getservbyname (key[i], proto); |