Diffstat (limited to 'meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch')
-rw-r--r-- | meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch | 38 |
1 files changed, 38 insertions, 0 deletions
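--- /dev/null
+++ b/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
@@ -0,0 +1,38 @@
+From c7e181fdf58c392e06ab805e2c044c3e57d5445a Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Sun, 3 Apr 2022 12:14:33 +0000
+Subject: [PATCH] libbb: sockaddr2str: ensure only printable characters are
+returned for the hostname part
+
+CVE: CVE-2022-28391
+Upstream-Status: Pending
+Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+---
+libbb/xconnect.c | 5 +++--
+1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/libbb/xconnect.c b/libbb/xconnect.c
+index eb2871cb1..b5520bb21 100644
+--- a/libbb/xconnect.c
++++ b/libbb/xconnect.c
+@@ -501,8 +501,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+);
+if (rc)
+return NULL;
++ /* ensure host contains only printable characters */
+if (flags & IGNORE_PORT)
+- return xstrdup(host);
++ return xstrdup(printable_string(host));
+#if ENABLE_FEATURE_IPV6
+if (sa->sa_family == AF_INET6) {
+if (strchr(host, ':')) /* heh, it's not a resolved hostname */
+@@ -513,7 +514,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
+#endif
+/* For now we don't support anything else, so it has to be INET */
+/*if (sa->sa_family == AF_INET)*/
+- return xasprintf("%s:%s", host, serv);
++ return xasprintf("%s:%s", printable_string(host), serv);
+/*return xstrdup(host);*/
+}
+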
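Review bot: The `AF_INET6` branch is not visibly covered by the filter: the first hunk of the embedded libbb/xconnect.c patch ends on `if (strchr(host, ':'))`, and the statement that check guards lies between the two hunks, so it cannot be confirmed here whether it returns `host` unfiltered. The two `printable_string(host)` calls that were added cover only the `IGNORE_PORT` return and the final `"%s:%s"` return. Filtering once, straight after `if (rc) return NULL;`, for example `const char *safe_host = printable_string(host);`, and using `safe_host` in every return would make the guarantee independent of which branch is taken. `serv` is still formatted as-is in `xasprintf("%s:%s", printable_string(host), serv)`; it is presumably numeric, but that depends on the lookup flags set above the hunk. sockaddr2str's body begins outside the hunk, so both points should be confirmed against the full function.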