Bugtraq mailing list archives

Re: libresolv+ bug

From: nelson () pangeia com br (Nelson Murilo)
Date: Sun, 18 Aug 1996 17:33:20 -0400


Hi my solution is very hard, i'm deleted getenv() options from
gethsnmad.c in libc-5.3.12 for Linux.
Possible not elegant, but funcionality :)


-----
libc-5.3.12.patch
-----8<----
*** gethstnmad.c.ant    Sat Apr 13 02:51:38 1996
--- gethstnmad.c        Fri Aug 16 17:01:49 1996
***************
*** 16,22 ****
   */

  #if defined(LIBC_SCCS) && !defined(lint)
! static char sccsid[] = "@(#)gethostnamadr.c   6.39 (Berkeley) 1/4/90";
  #endif /* LIBC_SCCS and not lint */

  #include "inetprivate.h"
--- 16,22 ----
   */

  #if defined(LIBC_SCCS) && !defined(lint)
! static char sccsid[] = "@(#)gethostnamadr.c   6.40 (Berkeley) 8/18/96";
  #endif /* LIBC_SCCS and not lint */

  #include "inetprivate.h"
*************** init_services()
*** 306,315 ****
  #if NLS
        libc_nls_init();
  #endif
!       if(NULL==(hostconf=getenv(ENV_HOSTCONF))){
!               hostconf=_PATH_HOSTCONF;
!       }
!       if ((fd = (FILE *)fopen(hostconf, "r")) == NULL) {
                                /* make some assumptions */
                service_order[0] = SERVICE_BIND;
                service_order[1] = SERVICE_NONE;
--- 306,312 ----
  #if NLS
        libc_nls_init();
  #endif
!       if ((fd = (FILE *)fopen(_PATH_HOSTCONF, "r")) == NULL) {
                                /* make some assumptions */
                service_order[0] = SERVICE_BIND;
                service_order[1] = SERVICE_NONE;
---8<---

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
N e l s o n  M u r i l o
Pangeia Informatica - Provedor de solucoes Internet.
http://www.pangeia.com.br
http://www.bluesky.net/pangeia
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Current thread:

why suid mount (was Re: Possible bufferoverflow condition in lpr,, (continued)
- - - why suid mount (was Re: Possible bufferoverflow condition in lpr, Bryan Reece (Aug 13)
    - Re: Possible bufferoverflow condition in lpr, xterm and xload Christopher Masto (Aug 14)
    - Re: Possible bufferoverflow condition in lpr, xterm and xload Brian Tao (Aug 15)
    - Re: Possible bufferoverflow condition in lpr, xterm and xload *Unknown* (Aug 17)
    - Re: libresolv+ bug Theo Van Dinter (Aug 17)
    - Re: libresolv+ bug Brian Mitchell (Aug 18)
    - Re: libresolv+ bug Jon Lewis (Aug 18)
    - Re: libresolv+ bug Alan Cox (Aug 19)
    - libresolv Xarthon (Aug 18)
    - Re: libresolv Xarthon (Aug 18)
    - Re: libresolv+ bug Nelson Murilo (Aug 18)
    - Re: libresolv+ bug Brian Mitchell (Aug 18)
    - Re: libresolv+ bug Casper Dik (Aug 19)
    - Re: libresolv+ bug Alan Cox (Aug 19)
    - Re: libresolv+ bug Brian Mitchell (Aug 19)
    - Re: libresolv+ bug David Holland (Aug 19)
    - Re: libresolv+ bug Alan Cox (Aug 19)
    - Re: libresolv+ bug Steve Czetty (Aug 19)
    - real time decode of tcpdump output Michael Ryan (Aug 19)
    - WU.FTPD vulnerability: gnu tar possibly others Alan Cox (Aug 19)
    - Re: WU.FTPD vulnerability: gnu tar possibly others Pedro Melo (Aug 19)

(Thread continues...)