Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
adns
adns-1.4-CVE-2017-9105.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File adns-1.4-CVE-2017-9105.patch of Package adns
From 17afb298d90c5aafed76bd3855a5fe7dcd58594c Mon Sep 17 00:00:00 2001 From: Ian Jackson <ijackson@chiark.greenend.org.uk> Date: Thu, 1 Dec 2016 02:48:09 +0000 Subject: [PATCH 04/32] SECURITY: adns: Do not corrupt pointer when nameserver speaks first Wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution. Found by AFL 2.35b. CVE-2017-9105. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk> --- src/event.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: adns-1.4/src/event.c =================================================================== --- adns-1.4.orig/src/event.c +++ adns-1.4/src/event.c @@ -452,7 +452,7 @@ int adns_processwriteable(adns_state ads assert(ads->tcprecv_skip==0); for (;;) { if (!adns__vbuf_ensure(&ads->tcprecv,1)) { r= ENOMEM; goto xit; } - r= read(ads->tcpsocket,&ads->tcprecv.buf,1); + r= read(ads->tcpsocket,ads->tcprecv.buf,1); if (r==0 || (r<0 && (errno==EAGAIN || errno==EWOULDBLOCK))) { tcp_connected(ads,*now); r= 0; goto xit;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor