Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
libunbound-devel-mini.24859
bsc1185385_CVE-2019-25034_a3545867.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File bsc1185385_CVE-2019-25034_a3545867.patch of Package libunbound-devel-mini.24859
From a3545867fcdec50307c776ce0af28d07046a52dd Mon Sep 17 00:00:00 2001 From: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl> Date: Tue, 19 Nov 2019 16:42:17 +0100 Subject: [PATCH] - Fix Integer Overflow to Buffer Overflow in sldns_str2wire_dname_buf_origin(), reported by X41 D-Sec. --- doc/Changelog | 2 ++ sldns/str2wire.c | 4 ++++ 2 files changed, 6 insertions(+) |diff --git doc/Changelog doc/Changelog |index 7398075e..509b74b8 100644 |--- doc/Changelog |+++ doc/Changelog |@@ -11,6 +11,8 @@ | reported by X41 D-Sec. | - Fix Integer Overflows in Size Calculations, | reported by X41 D-Sec. |+ - Fix Integer Overflow to Buffer Overflow in |+ sldns_str2wire_dname_buf_origin(), reported by X41 D-Sec. | | 18 November 2019: Wouter | - In unbound-host use separate variable for get_option to please diff --git sldns/str2wire.c sldns/str2wire.c index 097f6210..f08f107c 100644 --- sldns/str2wire.c +++ sldns/str2wire.c @@ -150,6 +150,10 @@ int sldns_str2wire_dname_buf_origin(const char* str, uint8_t* buf, size_t* len, if(s) return s; if(rel && origin && dlen > 0) { + if((unsigned)dlen >= 0x00ffffffU || + (unsigned)origin_len >= 0x00ffffffU) + /* guard against integer overflow in addition */ + return RET_ERR(LDNS_WIREPARSE_ERR_GENERAL, *len); if(dlen + origin_len - 1 > LDNS_MAX_DOMAINLEN) return RET_ERR(LDNS_WIREPARSE_ERR_DOMAINNAME_OVERFLOW, LDNS_MAX_DOMAINLEN); -- 2.26.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor