1 files changed, 48 insertions, 0 deletions

diff --git a/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch b/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch
new file mode 100644
index 0000000000..9c78a3dfa0
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch
@@ -0,0 +1,48 @@
+CVE: CVE-2018-19591
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+From ce6ba630dbc96f49eb1f30366aa62261df4792f9 Mon Sep 17 00:00:00 2001
+From: Florian Weimer <fweimer@redhat.com>
+Date: Tue, 27 Nov 2018 16:12:43 +0100
+Subject: [PATCH] CVE-2018-19591: if_nametoindex: Fix descriptor for overlong
+ name [BZ #23927]
+
+(cherry picked from commit d527c860f5a3f0ed687bd03f0cb464612dc23408)
+---
+ ChangeLog                          |  7 +++++++
+ NEWS                               |  6 ++++++
+ sysdeps/unix/sysv/linux/if_index.c | 11 ++++++-----
+ 3 files changed, 19 insertions(+), 5 deletions(-)
+
+diff --git a/sysdeps/unix/sysv/linux/if_index.c b/sysdeps/unix/sysv/linux/if_index.c
+index e3d08982d9..782fc5e175 100644
+--- a/sysdeps/unix/sysv/linux/if_index.c
++++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -38,11 +38,6 @@ __if_nametoindex (const char *ifname)
+   return 0;
+ #else
+   struct ifreq ifr;
+-  int fd = __opensock ();
+-
+-  if (fd < 0)
+-    return 0;
+-
+   if (strlen (ifname) >= IFNAMSIZ)
+     {
+       __set_errno (ENODEV);
+@@ -50,6 +45,12 @@ __if_nametoindex (const char *ifname)
+     }
+ 
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
++
++  int fd = __opensock ();
++
++  if (fd < 0)
++    return 0;
++
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
+       int saved_errno = errno;
+-- 
+2.11.0