diff options
Diffstat (limited to 'meta/recipes-support/curl/curl/CVE-2019-5436.patch')
-rw-r--r-- | meta/recipes-support/curl/curl/CVE-2019-5436.patch | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl/CVE-2019-5436.patch b/meta/recipes-support/curl/curl/CVE-2019-5436.patch new file mode 100644 index 0000000000..eee26ce273 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2019-5436.patch | |||
@@ -0,0 +1,30 @@ | |||
1 | From 2da531b3068e22cf714f001b493a704b2e9b923f Mon Sep 17 00:00:00 2001 | ||
2 | From: Daniel Stenberg <daniel@haxx.se> | ||
3 | Date: Fri, 3 May 2019 22:20:37 +0200 | ||
4 | Subject: [PATCH] tftp: use the current blksize for recvfrom() | ||
5 | |||
6 | bug: https://curl.haxx.se/docs/CVE-2019-5436.html | ||
7 | Reported-by: l00p3r on hackerone | ||
8 | CVE-2019-5436 | ||
9 | |||
10 | Upstream-Status: Backport | ||
11 | CVE: CVE-2019-5436 | ||
12 | Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> | ||
13 | |||
14 | --- | ||
15 | lib/tftp.c | 2 +- | ||
16 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
17 | |||
18 | diff --git a/lib/tftp.c b/lib/tftp.c | ||
19 | index 8b92b7b..289cda2 100644 | ||
20 | --- a/lib/tftp.c | ||
21 | +++ b/lib/tftp.c | ||
22 | @@ -1009,7 +1009,7 @@ static CURLcode tftp_connect(struct connectdata *conn, bool *done) | ||
23 | state->sockfd = state->conn->sock[FIRSTSOCKET]; | ||
24 | state->state = TFTP_STATE_START; | ||
25 | state->error = TFTP_ERR_NONE; | ||
26 | - state->blksize = TFTP_BLKSIZE_DEFAULT; | ||
27 | + state->blksize = blksize; | ||
28 | state->requested_blksize = blksize; | ||
29 | |||
30 | ((struct sockaddr *)&state->local_addr)->sa_family = | ||