CVE-2015-0235-workaround
aka GHOST glibc vulnerability
A shared library wrapper with additional checks for the vulnerable functions gethostbyname2_r and gethostbyname_r .
The proper solution for CVE-2015-0235 is to upgrade glibc to at least glibc-2.18.
In some cases, an immediate glibc upgrade is not possible, for example in custom production embedded systems, because such an upgrade requires a validation of the whole system.
In such cases, this workaround provides a hot fix solution, which is easier to validate.
Usage:
Compile, install and add gethostbyname_wrap.so /etc/ld.so.preload