11.07.2016 09:02, Michael Chang wrote:
> On Fri, Jul 08, 2016 at 10:54:37PM +0300, Andrei Borzenkov wrote:
>> 07.07.2016 12:18, Michael Chang wrote:
>>> Since commit f9d1b4422efb2c06e5472fb2c304712e2029796b I occasionally bumped
>>> into a heap corruption problem during DNS lookup.
>>>
>>> After tracing the issue, it looks like the *data->addresses array is not
>>> correctly allocated. It needs to hold the accumulated DNS lookup results,
>>> not only the new result in the new message. The heap corruption occurred
>>> when appending a new result to it.
>>>
>>> This patch fixed the issue for me by reallocating the array if it is found
>>> too small to hold all the results.
>>>
>>
>> I'm not sure. I think we discussed this with Josef back then. The code
>> apparently was assuming single response; and if we are going to collect
>> multiple answers, we need to filter out duplicates at least and also not
>> depend on packet order to select between A and AAAA.
> 
> OK.
> 
>>
>> Does attached patch fix corruption for you? I think that is the least
>> intrusive as bug fix, and we need to revisit code to properly handle
>> multiple responses later.
> 
> Yes, it does. I have tested several times to make sure it doesn't happen.
> 
> Thanks for review.
> 

Applied. Thanks!


_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
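
The allocation pattern discussed in this thread, as an added example that is not taken from the thread's patches or from GRUB's source: results from several responses are appended to one array whose capacity is grown to hold the accumulated count, with the duplicate filtering mentioned in the review. The type and function names (`struct addr`, `struct addr_list`, `addr_list_append`, `demo_accumulate`) and the sample addresses are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical types for illustration; not GRUB's structures. */
struct addr { uint8_t family; uint8_t bytes[16]; };  /* family: 4 = A, 6 = AAAA */
struct addr_list { struct addr *items; size_t count, cap; };

/* Append the n records of one response to the accumulated list, skipping
   duplicates. Capacity is sized for count + n, not for n alone: sizing for n
   and then writing at items[count] is the out-of-bounds heap write.
   Returns 0 on success, -1 on size overflow or allocation failure
   (the list is left unchanged in both failure cases). */
int addr_list_append(struct addr_list *l, const struct addr *src, size_t n)
{
  if (n > SIZE_MAX / sizeof(*l->items) - l->count)
    return -1;                       /* (count + n) * size would overflow */
  size_t need = l->count + n;
  if (need > l->cap) {
    struct addr *p = realloc(l->items, need * sizeof(*p));
    if (!p)
      return -1;
    l->items = p;
    l->cap = need;
  }
  for (size_t i = 0; i < n; i++) {
    size_t j = 0;
    while (j < l->count && (l->items[j].family != src[i].family ||
           memcmp(l->items[j].bytes, src[i].bytes, sizeof(src[i].bytes)) != 0))
      j++;
    if (j == l->count)               /* not seen before */
      l->items[l->count++] = src[i];
  }
  return 0;
}

/* Two constructed responses (documentation address ranges); returns 3. */
size_t demo_accumulate(void)
{
  const struct addr r1[] = { {4, {192, 0, 2, 1}}, {4, {192, 0, 2, 2}} };
  const struct addr r2[] = { {4, {192, 0, 2, 1}},
                             {6, {0x20, 0x01, 0x0d, 0xb8, [15] = 1}} };
  struct addr_list l = {0};
  size_t n = 0;
  if (!addr_list_append(&l, r1, 2) && !addr_list_append(&l, r2, 2))
    n = l.count;
  free(l.items);
  return n;
}

int main(void) { printf("%zu\n", demo_accumulate()); return 0; }
```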
