Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
strongswan.13216
0008-strongswan-5.1.2-5.6.2_stroke_msg_len.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0008-strongswan-5.1.2-5.6.2_stroke_msg_len.patch of Package strongswan.13216
From 0acd1ab4d08d53d80393b1a37b8781f6e7b2b996 Mon Sep 17 00:00:00 2001 From: Tobias Brunner <tobias@strongswan.org> Date: Tue, 13 Mar 2018 18:54:08 +0100 Subject: [PATCH] stroke: Ensure a minimum message length --- src/libcharon/plugins/stroke/stroke_socket.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c index c568440b7ae2..1e7f210e940a 100644 --- a/src/libcharon/plugins/stroke/stroke_socket.c +++ b/src/libcharon/plugins/stroke/stroke_socket.c @@ -627,6 +627,11 @@ static bool on_accept(private_stroke_socket_t *this, stream_t *stream) } return FALSE; } + if (len < offsetof(stroke_msg_t, buffer)) + { + DBG1(DBG_CFG, "invalid stroke message length %d", len); + return FALSE; + } /* read message (we need an additional byte to terminate the buffer) */ msg = malloc(len + 1); -- 2.7.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor