On Tue, Jun 2, 2015 at 2:44 AM, Florian Weimer <fweimer@xxxxxxxxxx> wrote: > On 06/01/2015 10:57 PM, Andrew Lutomirski wrote: > >> This is glibc we're talking about, though. Have you tried to get a >> glibc bug fixed? It's not a pleasant experience. > > It is possible, but it requires effort. Admittedly, sometimes that > effort appears disproportionate to what is being fixed. > > In this particularly case, only *very* few people are familiar with > resolv/, and test coverage for that part is extremely poor. > >> For example, the bug I reported has a candidate patch. That patch >> isn't applied, and the patch looks like the bug might be a security >> issue. It's been in that state for months. This is not unusual for >> glibc. > > Can you explain why you think it is a security issue? I don't have any very specific reason, but it's a load from an array with the entirely wrong index, and the code is inscrutable. I don't know whether n is attacker-controlled. As a mitigating factor, it's a load, so it's probably not so terrible. Regardless, this seems like a bug wrangling failure. The fix was committed AFAICT, but no one updated the bug. --Andy -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
