From: Aurelien Jarno To: libc-alpha@sourceware.org Cc: Andreas Schwab Subject: [COMMITTED 2.19] Don't ignore too long lines in nss_files (BZ #17079) Date: Sun, 18 Oct 2015 23:03:02 +0200 Message-Id: <1445202182-26369-1-git-send-email-aurelien@aurel32.net> From: Andreas Schwab (cherry picked from commit ac60763eac3d43b7234dd21286ad3ec3f17957fc) Conflicts: ChangeLog NEWS --- ChangeLog | 6 ++++++ NEWS | 4 ++-- nss/nss_files/files-XXX.c | 4 +++- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6aff2a2..815acf0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2014-06-23 Andreas Schwab + + [BZ #17079] + * nss/nss_files/files-XXX.c (get_contents): Store overflow marker + before reading the next line. + 2015-10-02 Andreas Schwab * sysdeps/posix/getaddrinfo.c (gaih_inet): Advance address pointer diff --git a/NEWS b/NEWS index fb0fa3c..ed33f47 100644 --- a/NEWS +++ b/NEWS @@ -10,8 +10,8 @@ Version 2.19.1 * The following bugs are resolved with this release: 15946, 16545, 16574, 16623, 16657, 16695, 16743, 16878, 16882, 16885, - 16916, 16932, 16943, 16958, 17048, 17069, 17137, 17153, 17213, 17263, - 17325, 17555, 18287. + 16916, 16932, 16943, 16958, 17048, 17069, 17079, 17137, 17153, 17213, + 17263, 17325, 17555, 18287. * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. If the NSS functions were called with a diff --git a/nss/nss_files/files-XXX.c b/nss/nss_files/files-XXX.c index 36242f9..d4cd95e 100644 --- a/nss/nss_files/files-XXX.c +++ b/nss/nss_files/files-XXX.c 
@@ -198,10 +198,12 @@ get_contents (char *linebuf, size_t len, FILE *stream) { int curlen = ((remaining_len > (size_t) INT_MAX) ? INT_MAX : remaining_len); - char *p = fgets_unlocked (curbuf, curlen, stream); + /* Terminate the line so that we can test for overflow. */ ((unsigned char *) curbuf)[curlen - 1] = 0xff; + char *p = fgets_unlocked (curbuf, curlen, stream); + /* EOF or read error. */ if (p == NULL) return gcr_error;
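Review bot: In the nss/nss_files/files-XXX.c hunk, the comment kept above the moved store ("Terminate the line so that we can test for overflow") does not say that the 0xff marker has to be written before fgets_unlocked runs, and that ordering is the whole fix. Suggest rewording it along the lines of the ChangeLog entry ("Store overflow marker before reading the next line") and noting that fgets_unlocked overwrites curbuf[curlen - 1] only when the line fills the buffer, so a later cleanup does not swap the two statements back. The store also indexes curbuf[curlen - 1] with no check in the visible lines that remaining_len is non-zero; a short comment stating what guarantees curlen >= 1 would help the next reader. The diffstat touches only ChangeLog, NEWS and files-XXX.c, so no regression test for an over-long line accompanies the change.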