Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request: glibc getaddrinfo() stack overflow
From: Florian Weimer <fweimer () redhat com>
Date: Wed, 03 Apr 2013 16:27:58 +0200

On 04/03/2013 01:10 PM, Marcus Meissner wrote:

I am not sure you can usually push this amount of addresses via DNS for all
setups.

Both IPv4 and IPv6 addresses are combined in that array, right? Then the protocol limit seems to be around 4000 + 2300 addresses (NAME (2 bytes with compression) + RCLASS (2) + RTYPE(2) + TTL (4) + RDATALEN(2) + RDATA(4 or 16) per record, total available space is 64K), which could be used to blow 128K stacks sometimes used by JVMs.

--
Florian Weimer / Red Hat Product Security Team


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]