summaryrefslogtreecommitdiffstats
path: root/recipes-core
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-core')
-rw-r--r--recipes-core/systemd/systemd/CVE-2017-15908.patch44
-rw-r--r--recipes-core/systemd/systemd_%.bbappend5
2 files changed, 49 insertions, 0 deletions
diff --git a/recipes-core/systemd/systemd/CVE-2017-15908.patch b/recipes-core/systemd/systemd/CVE-2017-15908.patch
new file mode 100644
index 0000000..6851243
--- /dev/null
+++ b/recipes-core/systemd/systemd/CVE-2017-15908.patch
@@ -0,0 +1,44 @@
1From 9f939335a07085aa9a9663efd1dca06ef6405d62 Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
3Date: Wed, 25 Oct 2017 11:19:19 +0200
4Subject: [PATCH] resolved: fix loop on packets with pseudo dns types
5
6Reported by Karim Hossen & Thomas Imbert from Sogeti ESEC R&D.
7
8Upstream-Status: Backport
9CVE: CVE-2017-15908
10
11Upstream patch:
12https://github.com/systemd/systemd/commit/8aeadf3052a2130b88d5bccf5439890e1034f28d
13
14https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/172535
15
16Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
17---
18 src/resolve/resolved-dns-packet.c | 6 +-----
19 1 file changed, 1 insertion(+), 5 deletions(-)
20
21diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
22index e2f227bfc64..35f4d0689b2 100644
23--- a/src/resolve/resolved-dns-packet.c
24+++ b/src/resolve/resolved-dns-packet.c
25@@ -1514,7 +1514,7 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta
26
27 found = true;
28
29- while (bitmask) {
30+ for (; bitmask; bit++, bitmask >>= 1)
31 if (bitmap[i] & bitmask) {
32 uint16_t n;
33
34@@ -1528,10 +1528,6 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta
35 if (r < 0)
36 return r;
37 }
38-
39- bit++;
40- bitmask >>= 1;
41- }
42 }
43
44 if (!found)
diff --git a/recipes-core/systemd/systemd_%.bbappend b/recipes-core/systemd/systemd_%.bbappend
new file mode 100644
index 0000000..4fe658a
--- /dev/null
+++ b/recipes-core/systemd/systemd_%.bbappend
@@ -0,0 +1,5 @@
1# look for files in the layer first
2FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
3
4SRC_URI += "file://CVE-2017-15908.patch \
5 "