diff options
Diffstat (limited to 'meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch')
-rw-r--r-- | meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch new file mode 100644 index 0000000000..44737bfc2e --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch | |||
@@ -0,0 +1,52 @@ | |||
1 | From b675f70739f404342f7f78635d6e2dcd85a13460 Mon Sep 17 00:00:00 2001 | ||
2 | From: Evgeny Vereshchagin <evvers@ya.ru> | ||
3 | Date: Tue, 24 Oct 2023 22:04:51 +0000 | ||
4 | Subject: [PATCH] core: return errors from avahi_server_set_host_name properly | ||
5 | |||
6 | It's a follow-up to 894f085f402e023a98cbb6f5a3d117bd88d93b09 | ||
7 | |||
8 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38471-2.patch?h=ubuntu/jammy-security | ||
9 | Upstream commit https://github.com/lathiat/avahi/commit/b675f70739f404342f7f78635d6e2dcd85a13460] | ||
10 | CVE: CVE-2023-38471 #Follow-up Patch | ||
11 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
12 | --- | ||
13 | avahi-core/server.c | 9 ++++++--- | ||
14 | 1 file changed, 6 insertions(+), 3 deletions(-) | ||
15 | |||
16 | Index: avahi-0.8/avahi-core/server.c | ||
17 | =================================================================== | ||
18 | --- avahi-0.8.orig/avahi-core/server.c | ||
19 | +++ avahi-0.8/avahi-core/server.c | ||
20 | @@ -1309,10 +1309,13 @@ int avahi_server_set_host_name(AvahiServ | ||
21 | else | ||
22 | hn = avahi_normalize_name_strdup(host_name); | ||
23 | |||
24 | + if (!hn) | ||
25 | + return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); | ||
26 | + | ||
27 | h = hn; | ||
28 | if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) { | ||
29 | avahi_free(h); | ||
30 | - return AVAHI_ERR_INVALID_HOST_NAME; | ||
31 | + return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); | ||
32 | } | ||
33 | |||
34 | avahi_free(h); | ||
35 | @@ -1320,7 +1323,7 @@ int avahi_server_set_host_name(AvahiServ | ||
36 | h = label_escaped; | ||
37 | len = sizeof(label_escaped); | ||
38 | if (!avahi_escape_label(label, strlen(label), &h, &len)) | ||
39 | - return AVAHI_ERR_INVALID_HOST_NAME; | ||
40 | + return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); | ||
41 | |||
42 | if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION) | ||
43 | return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE); | ||
44 | @@ -1330,7 +1333,7 @@ int avahi_server_set_host_name(AvahiServ | ||
45 | avahi_free(s->host_name); | ||
46 | s->host_name = avahi_strdup(label_escaped); | ||
47 | if (!s->host_name) | ||
48 | - return AVAHI_ERR_NO_MEMORY; | ||
49 | + return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); | ||
50 | |||
51 | update_fqdn(s); | ||
52 | |||