diff options
| author | Thomas Petazzoni <thomas.petazzoni@free-electrons.com> | 2017-12-01 21:56:44 +0100 |
|---|---|---|
| committer | Thomas Petazzoni <thomas.petazzoni@free-electrons.com> | 2017-12-01 21:56:44 +0100 |
| commit | 1c8dda3e435cfadaffe1f0cc062ad3c8ffbe84a7 (patch) | |
| tree | dd26d5bc619271f8cccf0c9d7abdda9a1749d13f /package/musl/0003-in-dns-parsing-callback-enforce-MAXADDRS-to-preclude.patch | |
| parent | 57dcad243e6daefefbe21109e1fc97272053a7a0 (diff) | |
| parent | 787a31fed42f98a8e2e6a0bd2079376c861436f2 (diff) | |
| download | buildroot-1c8dda3e435cfadaffe1f0cc062ad3c8ffbe84a7.tar.gz buildroot-1c8dda3e435cfadaffe1f0cc062ad3c8ffbe84a7.zip | |
Merge branch 'next'
This merges the next branch accumulated during the 2017.11 release
cycle back into the master branch.
A few conflicts had to be resolved:
- In the DEVELOPERS file, because Fabrice Fontaine was added as a
developer for libupnp in master, and for libupnp18 in
next. Resolution is simple: add him for both.
- linux/Config.in, because we updated the 4.13.x release used by
default in master, while we moved to 4.14 in next. Resolution: use
4.14.
- package/libupnp/libupnp.hash: a hash for the license file was added
in master, while the package was bumped into next. Resolution: keep
the hash for the license file, and keep the hash for the newest
version of libupnp.
- package/linux-headers/Config.in.host: default version of the kernel
headers for 4.13 was bumped to the latest 4.13.x in master, but was
changed to 4.14 in next. Resolution: use 4.14.
- package/samba4/: samba was bumped to 4.6.11 in master for security
reasons, but was bumped to 4.7.3 in next. Resolution: keep 4.7.3.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'package/musl/0003-in-dns-parsing-callback-enforce-MAXADDRS-to-preclude.patch')
| -rw-r--r-- | package/musl/0003-in-dns-parsing-callback-enforce-MAXADDRS-to-preclude.patch | 35 |
1 files changed, 0 insertions, 35 deletions
diff --git a/package/musl/0003-in-dns-parsing-callback-enforce-MAXADDRS-to-preclude.patch b/package/musl/0003-in-dns-parsing-callback-enforce-MAXADDRS-to-preclude.patch deleted file mode 100644 index c6b5ef26b4..0000000000 --- a/package/musl/0003-in-dns-parsing-callback-enforce-MAXADDRS-to-preclude.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 45ca5d3fcb6f874bf5ba55d0e9651cef68515395 Mon Sep 17 00:00:00 2001 -From: Rich Felker <dalias@aerifal.cx> -Date: Wed, 18 Oct 2017 14:50:03 -0400 -Subject: [PATCH] in dns parsing callback, enforce MAXADDRS to preclude - overflow - -MAXADDRS was chosen not to need enforcement, but the logic used to -compute it assumes the answers received match the RR types of the -queries. specifically, it assumes that only one replu contains A -record answers. if the replies to both the A and the AAAA query have -their answer sections filled with A records, MAXADDRS can be exceeded -and clobber the stack of the calling function. - -this bug was found and reported by Felix Wilhelm. - -Signed-off-by: Peter Korsgaard <peter@korsgaard.com> ---- - src/network/lookup_name.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/network/lookup_name.c b/src/network/lookup_name.c -index 066be4d5..209c20f0 100644 ---- a/src/network/lookup_name.c -+++ b/src/network/lookup_name.c -@@ -111,6 +111,7 @@ static int dns_parse_callback(void *c, int rr, const void *data, int len, const - { - char tmp[256]; - struct dpc_ctx *ctx = c; -+ if (ctx->cnt >= MAXADDRS) return -1; - switch (rr) { - case RR_A: - if (len != 4) return -1; --- -2.11.0 - |
