diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2020-09-16 09:32:48 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2020-09-16 09:32:48 +0100 |
commit | 9ee6d97c2883d42f204a533a8bc1f4562df778fb (patch) | |
tree | b690ddc0ca30f1472887edbb0b8313629bfcbbb2 /mail-filter/opendmarc/files/opendmarc-1.3.3-CVE-2020-12460.patch | |
parent | b17a3ef12038de50228bade1f05502c74e135321 (diff) |
gentoo resync : 16.09.2020
Diffstat (limited to 'mail-filter/opendmarc/files/opendmarc-1.3.3-CVE-2020-12460.patch')
-rw-r--r-- | mail-filter/opendmarc/files/opendmarc-1.3.3-CVE-2020-12460.patch | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/mail-filter/opendmarc/files/opendmarc-1.3.3-CVE-2020-12460.patch b/mail-filter/opendmarc/files/opendmarc-1.3.3-CVE-2020-12460.patch new file mode 100644 index 000000000000..334c11d5302f --- /dev/null +++ b/mail-filter/opendmarc/files/opendmarc-1.3.3-CVE-2020-12460.patch @@ -0,0 +1,41 @@ +From 50d28af25d8735504b6103537228ce7f76ad765f Mon Sep 17 00:00:00 2001 +From: "Murray S. Kucherawy" <msk@blackops.org> +Date: Wed, 5 Aug 2020 21:56:01 +0000 +Subject: [PATCH] In opendmarc_xml_parse(), ensure NULL-termination of the + buffer passed to opendmarc_xml(). + +--- + libopendmarc/opendmarc_xml.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/libopendmarc/opendmarc_xml.c b/libopendmarc/opendmarc_xml.c +index 26bb9dc..b3ac55a 100644 +--- a/libopendmarc/opendmarc_xml.c ++++ b/libopendmarc/opendmarc_xml.c +@@ -158,7 +158,7 @@ opendmarc_xml(char *b, size_t blen, char *e, size_t elen) + if (*cp != '<') + continue; + ++cp; +- for(sp = cp; *sp != '\0'; ++sp) ++ for (sp = cp; *sp != '\0'; ++sp) + { + if (*sp == '?') + break; +@@ -546,7 +546,7 @@ opendmarc_xml_parse(char *fname, char *err_buf, size_t err_len) + if (fname == NULL) + { + xerror = errno; +- (void) snprintf(err_buf, err_len, "%s: %s", fname, "File name was NULL"); ++ (void) snprintf(err_buf, err_len, "%s", "File name was NULL"); + errno = EINVAL; + return NULL; + } +@@ -572,7 +572,7 @@ opendmarc_xml_parse(char *fname, char *err_buf, size_t err_len) + return NULL; + } + +- bufp = calloc(statb.st_size, 1); ++ bufp = calloc(statb.st_size + 1, 1); + if (bufp == NULL) + { + xerror = errno; |