summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch
blob: 7f2d93a93787a9535c6e4bdc745e636d9fe24357 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
Upstream-Status: Backport

libproxy - CVE-2012-4504:

Reference:https://code.google.com/p/libproxy/source/detail?r=853

Stack-based buffer overflow in the url::get_pac function in url.cpp
in libproxy 0.4.x before 0.4.9 allows remote servers to have an
unspecified impact via a large proxy.pac file.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4504

Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> 

diff -urpN a/libproxy/url.cpp b/libproxy/url.cpp
--- a/libproxy/url.cpp	2012-11-26 10:08:47.000000000 +0800
+++ b/libproxy/url.cpp	2012-11-26 10:05:54.000000000 +0800
@@ -472,9 +472,10 @@ char* url::get_pac() {
 				// Add this chunk to our content length,
 				// ensuring that we aren't over our max size
 				content_length += chunk_length;
-				if (content_length >= PAC_MAX_SIZE) break;
 			}
 
+			if (content_length >= PAC_MAX_SIZE) break;
+
 			while (recvd != content_length) {
 				int r = recv(sock, buffer + recvd, content_length - recvd, 0);
 				if (r < 0) break;