-rw-r--r-- | recipes-core/systemd/systemd/CVE-2017-9445.patch | 56 | ||||
-rw-r--r-- | recipes-core/systemd/systemd_%.bbappend | 6 |
2 files changed, 62 insertions, 0 deletions
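--- /dev/null
+++ b/recipes-core/systemd/systemd/CVE-2017-9445.patch
@@ -0,0 +1,56 @@
+From db848813bae4d28c524b3b6a7dad135e426659ce Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
+Date: Sun, 18 Jun 2017 16:07:57 -0400
+Subject: [PATCH] resolved: simplify alloc size calculation
+
+The allocation size was calculated in a complicated way, and for values
+close to the page size we would actually allocate less than requested.
+
+Reported by Chris Coulson <chris.coulson@canonical.com>.
+
+CVE-2017-9445
+
+CVE: CVE-2017-8872
+Upstream-Status: Backport
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+src/resolve/resolved-dns-packet.c | 8 +-------
+src/resolve/resolved-dns-packet.h | 2 --
+2 files changed, 1 insertion(+), 9 deletions(-)
+
+diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
+index 240ee44..821b66e 100644
+--- a/src/resolve/resolved-dns-packet.c
++++ b/src/resolve/resolved-dns-packet.c
+@@ -47,13 +47,7 @@ int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
+
+assert(ret);
+
+- if (mtu <= UDP_PACKET_HEADER_SIZE)
+- a = DNS_PACKET_SIZE_START;
+- else
+- a = mtu - UDP_PACKET_HEADER_SIZE;
+-
+- if (a < DNS_PACKET_HEADER_SIZE)
+- a = DNS_PACKET_HEADER_SIZE;
++ a = MAX(mtu, DNS_PACKET_HEADER_SIZE);
+
+/* round up to next page size */
+a = PAGE_ALIGN(ALIGN(sizeof(DnsPacket)) + a) - ALIGN(sizeof(DnsPacket));
+diff --git a/src/resolve/resolved-dns-packet.h b/src/resolve/resolved-dns-packet.h
+index 2c92392..3abcaf8 100644
+--- a/src/resolve/resolved-dns-packet.h
++++ b/src/resolve/resolved-dns-packet.h
+@@ -66,8 +66,6 @@ struct DnsPacketHeader {
+/* With EDNS0 we can use larger packets, default to 4096, which is what is commonly used */
+#define DNS_PACKET_UNICAST_SIZE_LARGE_MAX 4096
+
+-#define DNS_PACKET_SIZE_START 512
+-
+struct DnsPacket {
+int n_ref;
+DnsProtocol protocol;
+--
+1.9.1
+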
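Review bot: The `CVE:` tag in the patch header reads `CVE-2017-8872`, while the file name, the commit body two lines above it and the recipe entry all refer to CVE-2017-9445; the tag was presumably carried over from a different backport. Any tooling that builds its patched-CVE list from this tag would record the wrong identifier for systemd, so the line should read `CVE: CVE-2017-9445`. On the C side, the hunk shows only the start of dns_packet_new, so the upper bound applied to `a` after the `PAGE_ALIGN` line cannot be confirmed from here; it is worth checking that the backport target still clamps `a` to the maximum packet size.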
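--- /dev/null
+++ b/recipes-core/systemd/systemd_%.bbappend
@@ -0,0 +1,6 @@
+# look for files in the layer first
+FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+
+SRC_URI += "file://CVE-2017-9445.patch \
+"
+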
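Review bot: The append is named `systemd_%.bbappend`, so the `SRC_URI` addition applies to whatever systemd version the layer stack selects, including a later one that already contains the upstream change, where do_patch would fail on the removed lines. Naming the append for the affected recipe version (`systemd_<affected-version>.bbappend`, placeholder) would keep the backport from outliving the version it was written for. A short comment above `SRC_URI` would also help the next maintainer, for example `# Backport of upstream db848813bae4 (resolved: simplify alloc size calculation)`.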