grub/grub-core
Andrei Borzenkov 52408aa946 dns: fix buffer overflow for data->addresses in recv_hook
We may get more than one response before exiting out of loop in
grub_net_dns_lookup, but buffer was allocated for the first response only,
so storing answers from subsequent replies wrote past allocated size.
We never really use more than the very first address during lookup so there
is little point in collecting all of them. Just quit early if we already have
some reply.

Code needs serious redesign to actually collect multiple answers
and select the best fit according to requested type (IPv4 or IPv6).

Reported and tested by Michael Chang <mchang@suse.com>
2016-07-26 20:38:58 +03:00
..
boot mips: Make the assembly-code N32-compatible. 2015-10-11 13:20:26 +02:00
bus usbtrans: Fix memory coherence and use-after-free. 2016-02-27 13:40:52 +01:00
commands cat: Don't switch terminal mode when there is nothing to highlight. 2016-02-27 13:35:36 +01:00
disk efidisk: Respect block_io_protocol buffer alignment 2016-02-27 13:44:59 +01:00
efiemu efiemu: Fix compilation failure 2016-01-22 14:10:30 +01:00
font Document intentional fallthroughs. 2015-01-27 17:17:58 +01:00
fs xfs: accept filesystem with meta_uuid 2016-07-26 20:29:26 +03:00
gdb With Apple assembly in .macro environvemnt you have to use $$ instead 2013-11-24 07:08:18 +01:00
gettext * grub-core/gettext/gettext.c (main_context), (secondary_context): 2013-11-07 01:01:47 +01:00
gfxmenu gfxmenu: fix memory leak 2016-01-12 21:52:50 +03:00
gnulib update gnulib/argp-help.c to fix garbage in grub-mknetdir --help output 2015-03-05 20:19:47 +03:00
hello * grub-core/commands/gptsync.c: Fix typographic quoting. 2012-03-03 13:05:08 +01:00
hook * grub-core/hook/datehook.c (grub_read_hook_datetime): Small stylistic 2011-11-11 21:03:49 +01:00
io gzio: Optimize by removing division. 2015-02-26 22:10:09 +01:00
kern arm-uboot: Make self-relocatable to allow loading at any address 2016-02-27 13:40:52 +01:00
lib relocator: Fix integer underflow. 2016-02-12 16:07:57 +01:00
loader xen_file: Fix invalid payload size 2016-03-11 10:26:51 +01:00
mmap Translate UEFI persistent memory type 2015-12-15 10:25:34 +03:00
net dns: fix buffer overflow for data->addresses in recv_hook 2016-07-26 20:38:58 +03:00
normal menu_entry: Disable cursor during update_screen() 2016-02-22 09:59:27 +03:00
osdep build: Use AC_HEADER_MAJOR to find device macros 2016-04-24 08:12:42 +03:00
partmap disk/ldm, partmap/msdos.c: fix spelling error 2015-08-22 21:22:41 +02:00
parttool * grub-core/net/http.c: Add TRANSLATORS comments. 2012-03-05 16:42:26 +01:00
script yylex: use grub_fatal for exit. 2016-02-12 12:34:54 +01:00
term usb_keyboard: Remove useless include 2016-02-22 20:05:54 +01:00
tests Regenerate checksums 2016-02-26 11:37:47 +01:00
video jpeg: Optimise by replacing division with shifts. 2015-02-26 21:27:32 +01:00
gdb_grub.in * grub-core/gdb_grub.in: Fix overflow and wrong field. 2013-10-14 03:40:20 +02:00
genemuinit.sh use MODULE_FILES for genemuinit* instead of MOD_FILES 2014-01-18 23:15:40 +04:00
genemuinitheader.sh use MODULE_FILES for genemuinit* instead of MOD_FILES 2014-01-18 23:15:40 +04:00
genmod.sh.in Add missing BUILD_EXEEXT 2016-01-01 12:06:40 +03:00
genmoddep.awk genmoddep.awk: Add a test that we have no circular dependencies 2015-11-08 20:00:27 +01:00
gensyminfo.sh.in * grub-core/gensyminfo.sh.in: Handle the case of portable output 2013-11-11 23:05:53 +01:00
gensymlist.sh Make 'make check' work on emu. 2013-04-27 02:00:16 +02:00
gentrigtables.c * grub-core/gentrigtables.c: Make tables const. 2013-03-01 11:15:09 +01:00
gmodule.pl.in * grub-core/gmodule.pl.in: Accept newer binutils which output 2014-09-21 18:23:23 +02:00
gnulib-fix-null-deref.diff Import new gnulib. 2013-04-11 21:12:46 +02:00
gnulib-fix-width.diff Import new gnulib. 2013-04-11 21:12:46 +02:00
gnulib-no-abort.diff Import new gnulib. 2013-04-11 21:12:46 +02:00
gnulib-no-gets.diff Import new gnulib. 2013-04-11 21:12:46 +02:00
Makefile.am Split pmtimer wait and tsc measurement from pmtimer tsc calibration. 2016-02-12 11:40:51 +01:00
Makefile.core.def arm-uboot: Make self-relocatable to allow loading at any address 2016-02-27 13:40:52 +01:00
modinfo.sh.in modinfo.sh.in: Add missing config variables. 2015-03-27 12:18:25 +01:00