Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
glibc.33856
clntudp-call-alloca.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File clntudp-call-alloca.patch of Package glibc.33856
2016-05-23 Florian Weimer <fweimer@redhat.com> CVE-2016-4429 [BZ #20112] * sunrpc/clnt_udp.c (clntudp_call): Use malloc/free for the error payload. Index: glibc-2.22/sunrpc/clnt_udp.c =================================================================== --- glibc-2.22.orig/sunrpc/clnt_udp.c +++ glibc-2.22/sunrpc/clnt_udp.c @@ -423,9 +423,15 @@ send_again: struct sock_extended_err *e; struct sockaddr_in err_addr; struct iovec iov; - char *cbuf = (char *) alloca (outlen + 256); + char *cbuf = malloc (outlen + 256); int ret; + if (cbuf == NULL) + { + cu->cu_error.re_errno = errno; + return (cu->cu_error.re_status = RPC_CANTRECV); + } + iov.iov_base = cbuf + 256; iov.iov_len = outlen; msg.msg_name = (void *) &err_addr; @@ -450,10 +456,12 @@ send_again: cmsg = CMSG_NXTHDR (&msg, cmsg)) if (cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_RECVERR) { + free (cbuf); e = (struct sock_extended_err *) CMSG_DATA(cmsg); cu->cu_error.re_errno = e->ee_errno; return (cu->cu_error.re_status = RPC_CANTRECV); } + free (cbuf); } #endif do
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor