Re: workaround for GHOST glibc vulnerability CVE-2015-0235

[Constantine Shulyupin <const () makelinux com>]

Added static, thank.

You are right, gethostbyname is vulnerable too, but less.
gethostbyname is implemented in
http://osxr.org/glibc/source/nss/getXXbyYY.c?v=glibc-2.17#0101
It allocates buffer from heap, not stack, which is less danger.

Actually the bug is in __nss_hostname_digits_dots @
http://osxr.org/glibc/source/nss/digits_dots.c?v=glibc-2.17#0036.
Is it much more complex and dangerous to overload
__nss_hostname_digits_dots. Better upgrade to newer glibc.

Thanks

On Tue, Feb 3, 2015 at 12:30 PM, Florian Weimer <fweimer () redhat com> wrote:

> On 02/02/2015 03:52 PM, Constantine Shulyupin wrote:
> > CVE-2015-0235-workaround is a shared library wrapper with additional
> checks
> > for the vulnerable functions gethostbyname2_r and gethostbyname_r .
> >
> > The proper solution for CVE-2015-0235 is to upgrade glibc to at least
> > glibc-2.18.
> >
> > In some cases, an immediate glibc upgrade is not possible, for example in
> > custom production embedded systems, because such an upgrade requires a
> > validation of the whole system.
> >
> > In such cases, this workaround provides a hot fix solution, which is
> easier
> > to validate.
> >
> > Source code: https://github.com/makelinux/CVE-2015-0235-workaround
>
> You should make all symbols static.  With the current code, you risk
> symbol collisions.
>
> Why don't you hook gethostbyname?  I'm not sure if gethosybyname is
> implement in terms of gethostbyname_r.  (The call stacks I have suggest
> it isn't.)
>
> --
> Florian Weimer / Red Hat Product Security



-- 
Constantine Shulyupin
http://www.MakeLinux.com/
Embedded Linux Systems
and Device Drivers