gentoo resync : 03.11.2021

author: V3n3RiX <venerix@koprulu.sector> 2021-11-03 06:47:15 +0000
committer: V3n3RiX <venerix@koprulu.sector> 2021-11-03 06:47:15 +0000
commit: fc2f1018fc323ef2c6572734a9b130427cba76a6 (patch)
tree: f834bdc9a67923ce75297c09d00d1e7b90791d26 /dev-python/hiredis/files
parent: 162945d2a91899b637bbb9e163b406350de12906 (diff)
1 files changed, 36 insertions, 0 deletions
diff --git a/dev-python/hiredis/files/hiredis-2.0.0-CVE-2021-32765.patch b/dev-python/hiredis/files/hiredis-2.0.0-CVE-2021-32765.patch
new file mode 100644
index 000000000000..ad1bb80ac0de
--- /dev/null
+++ b/dev-python/hiredis/files/hiredis-2.0.0-CVE-2021-32765.patch
@@ -0,0 +1,36 @@
+--- a/vendor/hiredis/alloc.c
++++ b/vendor/hiredis/alloc.c
+@@ -68,6 +68,10 @@ void *hi_malloc(size_t size) {
+ }
+ 
+ void *hi_calloc(size_t nmemb, size_t size) {
++    /* Overflow check as the user can specify any arbitrary allocator */
++    if (SIZE_MAX / size < nmemb)
++        return NULL;
++
+     return hiredisAllocFns.callocFn(nmemb, size);
+ }
+ 
+diff --git a/alloc.h b/alloc.h
+index 34a05f4..771f9fe 100644
+--- a/vendor/hiredis/alloc.h
++++ b/vendor/hiredis/alloc.h
+@@ -32,6 +32,7 @@
+ #define HIREDIS_ALLOC_H
+ 
+ #include <stddef.h> /* for size_t */
++#include <stdint.h>
+ 
+ #ifdef __cplusplus
+ extern "C" {
+@@ -59,6 +60,10 @@ static inline void *hi_malloc(size_t size) {
+ }
+ 
+ static inline void *hi_calloc(size_t nmemb, size_t size) {
++    /* Overflow check as the user can specify any arbitrary allocator */
++    if (SIZE_MAX / size < nmemb)
++        return NULL;
++
+     return hiredisAllocFns.callocFn(nmemb, size);
+ }
+
author	V3n3RiX <venerix@koprulu.sector>	2021-11-03 06:47:15 +0000
committer	V3n3RiX <venerix@koprulu.sector>	2021-11-03 06:47:15 +0000
commit	fc2f1018fc323ef2c6572734a9b130427cba76a6 (patch)
tree	f834bdc9a67923ce75297c09d00d1e7b90791d26 /dev-python/hiredis/files
parent	162945d2a91899b637bbb9e163b406350de12906 (diff)