diff options
Diffstat (limited to 'meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch')
| -rw-r--r-- | meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch b/meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch new file mode 100644 index 0000000000..02cc83d314 --- /dev/null +++ b/meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch | |||
| @@ -0,0 +1,26 @@ | |||
| 1 | Upstream-Status: Backport | ||
| 2 | |||
| 3 | Reference: http://bugs.python.org/issue20246 | ||
| 4 | |||
| 5 | CVE-2014-1912: Python buffer overflow in socket.recvfrom_into() | ||
| 6 | lets remote users execute arbitrary code.Original patch by Benjamin Peterson | ||
| 7 | |||
| 8 | Signed-off-by: Maxin B. John <maxin.john@enea.com> | ||
| 9 | --- | ||
| 10 | diff -r 40fb60df4755 Modules/socketmodule.c | ||
| 11 | --- a/Modules/socketmodule.c Sun Jan 12 12:11:47 2014 +0200 | ||
| 12 | +++ b/Modules/socketmodule.c Mon Jan 13 16:36:35 2014 -0800 | ||
| 13 | @@ -2744,6 +2744,13 @@ | ||
| 14 | recvlen = buflen; | ||
| 15 | } | ||
| 16 | |||
| 17 | + /* Check if the buffer is large enough */ | ||
| 18 | + if (buflen < recvlen) { | ||
| 19 | + PyErr_SetString(PyExc_ValueError, | ||
| 20 | + "buffer too small for requested bytes"); | ||
| 21 | + goto error; | ||
| 22 | + } | ||
| 23 | + | ||
| 24 | readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr); | ||
| 25 | if (readlen < 0) { | ||
| 26 | /* Return an error */ | ||