Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.2:Update
adns
adns-1.5.1-CVE-2017-9105.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File adns-1.5.1-CVE-2017-9105.patch of Package adns
From 17afb298d90c5aafed76bd3855a5fe7dcd58594c Mon Sep 17 00:00:00 2001 From: Ian Jackson <ijackson@chiark.greenend.org.uk> Date: Thu, 1 Dec 2016 02:48:09 +0000 Subject: [PATCH 04/32] SECURITY: adns: Do not corrupt pointer when nameserver speaks first Wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution. Found by AFL 2.35b. CVE-2017-9105. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk> --- src/event.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/event.c b/src/event.c index dcc49e9..b36288d 100644 --- a/src/event.c +++ b/src/event.c @@ -461,7 +461,7 @@ int adns_processwriteable(adns_state ads, int fd, const struct timeval *now) { } assert(FD_ISSET(ads->tcpsocket,&writeable)); if (!adns__vbuf_ensure(&ads->tcprecv,1)) { r= ENOMEM; goto xit; } - r= read(ads->tcpsocket,&ads->tcprecv.buf,1); + r= read(ads->tcpsocket,ads->tcprecv.buf,1); if (r==0 || (r<0 && (errno==EAGAIN || errno==EWOULDBLOCK))) { tcp_connected(ads,*now); r= 0; goto xit; -- 2.20.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor