FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mDNSResponder -- corrupted stack crash when parsing bad resolv.conf

Affected packages
mDNSResponder <= 214

Details

VuXML ID 1cd87e2a-81e3-11df-81d8-00262d5ed8ee
Discovery 2010-05-26
Entry 2010-06-27

Juli Mallett reports:

mdnsd will crash on some systems with a corrupt stack and once that's fixed it will still leak a file descriptor when parsing resolv.conf. The crash is because scanf is used with %10s for a buffer that is only 10 chars long. The buffer size needs increased to 11 chars to hold the trailing NUL. To fix the leak, an fclose needs added.

References

FreeBSD PR ports/147007