36 lines
931 B
Diff
36 lines
931 B
Diff
commit d527c860f5a3f0ed687bd03f0cb464612dc23408
|
|
Author: Florian Weimer <fweimer@redhat.com>
|
|
Date: Tue Nov 27 16:12:43 2018 +0100
|
|
|
|
CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]
|
|
|
|
diff --git a/sysdeps/unix/sysv/linux/if_index.c b/sysdeps/unix/sysv/linux/if_index.c
|
|
index e3d08982d9931108..782fc5e1750e9ead 100644
|
|
--- a/sysdeps/unix/sysv/linux/if_index.c
|
|
+++ b/sysdeps/unix/sysv/linux/if_index.c
|
|
@@ -38,11 +38,6 @@ __if_nametoindex (const char *ifname)
|
|
return 0;
|
|
#else
|
|
struct ifreq ifr;
|
|
- int fd = __opensock ();
|
|
-
|
|
- if (fd < 0)
|
|
- return 0;
|
|
-
|
|
if (strlen (ifname) >= IFNAMSIZ)
|
|
{
|
|
__set_errno (ENODEV);
|
|
@@ -50,6 +45,12 @@ __if_nametoindex (const char *ifname)
|
|
}
|
|
|
|
strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
|
|
+
|
|
+ int fd = __opensock ();
|
|
+
|
|
+ if (fd < 0)
|
|
+ return 0;
|
|
+
|
|
if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
|
|
{
|
|
int saved_errno = errno;
|