blob: 0217e4bf553b109089333fe61c78bf9b323561cc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
From bb01edff0377f2585ce304ecbadcb7b6cde372ac Mon Sep 17 00:00:00 2001
From: Waldemar Brodkorb <wbx@openadk.org>
Date: Mon, 25 Jan 2016 21:11:34 +0100
Subject: [PATCH] Make sure to always terminate decoded string
Write a terminating '\0' to dest when the first byte of the encoded data
is 0. This corner case was previously missed.
Signed-off-by: Daniel Fahlgren <daniel@fahlgren.se>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
Upstream-Status: Backport
http://repo.or.cz/uclibc-ng.git/commit/bb01edff0377f2585ce304ecbadcb7b6cde372ac
CVE: CVE-2016-2225
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
libc/inet/resolv.c | 1 +
1 file changed, 1 insertion(+)
Index: git/libc/inet/resolv.c
===================================================================
--- git.orig/libc/inet/resolv.c
+++ git/libc/inet/resolv.c
@@ -671,6 +671,7 @@ int __decode_dotted(const unsigned char
if (!packet)
return -1;
+ dest[0] = '\0';
while (--maxiter) {
if (offset >= packet_len)
return -1;
|
