Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.1:Staging:B
zeromq
CVE-2019-6250.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2019-6250.patch of Package zeromq
Author: Guido Vranken <guidovranken@gmail.com> Description: pointer overflow in zmq::v2_decoder_t::size_ready leading to remote code execution (issue #3351). Refactor bounds check arithmetic such that no overflow shall occur Origin: https://github.com/zeromq/libzmq/pull/3353 Applied-Upstream: 1a2ed12716693073032d57dac4e269df3d373751 --- a/src/v2_decoder.cpp +++ b/src/v2_decoder.cpp @@ -108,7 +108,7 @@ int zmq::v2_decoder_t::size_ready(uint64_t msg_size, unsigned char const* read_p // the current message can exceed the current buffer. We have to copy the buffer // data into a new message and complete it in the next receive. - if (unlikely ((unsigned char*)read_pos + msg_size > (data() + size()))) + if (unlikely (msg_size > (size_t) (data () + size () - read_pos))) { // a new message has started, but the size would exceed the pre-allocated arena // this happens every time when a message does not fit completely into the buffer
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor