author | V3n3RiX <venerix@koprulu.sector> | 2023-05-18 10:12:16 +0100 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2023-05-18 10:12:16 +0100 |
commit | 8ea6e43d2f65acbfda614dbd4635823d7605b6d8 (patch) | |
tree | 06f832bd17f7282b5cd87dbec9f023e550afcc04 /net-libs/libsignal-protocol-c/files | |
parent | 75b7b7da41881995754ded71c9c029cb1686096d (diff) |
gentoo auto-resync : 18:05:2023 - 10:12:16
Diffstat (limited to 'net-libs/libsignal-protocol-c/files')
-rw-r--r-- | net-libs/libsignal-protocol-c/files/libsignal-protocol-c-2.3.3-CVE-2022-48468.patch | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/net-libs/libsignal-protocol-c/files/libsignal-protocol-c-2.3.3-CVE-2022-48468.patch b/net-libs/libsignal-protocol-c/files/libsignal-protocol-c-2.3.3-CVE-2022-48468.patch
new file mode 100644
index 000000000000..8b3706dd8829
--- /dev/null
+++ b/net-libs/libsignal-protocol-c/files/libsignal-protocol-c-2.3.3-CVE-2022-48468.patch
@@ -0,0 +1,53 @@
+From 478dfe51552243b367cf2e9c5d047cbbd3c21635 Mon Sep 17 00:00:00 2001
+From: Randy Barlow <randy@electronsweatshop.com>
+Date: Fri, 18 Mar 2022 12:42:57 -0400
+Subject: [PATCH] CVE-2022-48468: unsigned integer overflow
+
+This commit combines two upstream commits from protobuf-c[0][1].
+The first fixes an unsigned integer overflow, and the second fixes a
+regression introduced by the first. I originally decided to amend the
+commit message of the first to mention that it fixes a CVE, but then I
+realized it would be better to bring the fix for the regression together
+with it.
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48468
+https://bugzilla.redhat.com/show_bug.cgi?id=2186673
+
+[0]
+https://github.com/protobuf-c/protobuf-c/pull/513/commits/289f5c18b195aa43d46a619d1188709abbfa9c82
+[1]
+https://github.com/protobuf-c/protobuf-c/pull/513/commits/0d1fd124a4e0a07b524989f6e64410ff648fba61
+
+Co-authored-by: 10054172 <hui.zhang@thalesgroup.com>
+Co-authored-by: "Todd C. Miller" <Todd.Miller@sudo.ws>
+Signed-off-by: 10054172 <hui.zhang@thalesgroup.com>
+Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
+---
+ src/protobuf-c/protobuf-c.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/src/protobuf-c/protobuf-c.c b/src/protobuf-c/protobuf-c.c
+index 4f2f5bc..6ae5287 100644
+--- a/src/protobuf-c/protobuf-c.c
++++ b/src/protobuf-c/protobuf-c.c
+@@ -2456,10 +2456,13 @@ parse_required_member(ScannedMember *scanned_member,
+ return FALSE;
+
+ def_mess = scanned_member->field->default_value;
+- subm = protobuf_c_message_unpack(scanned_member->field->descriptor,
+- allocator,
+- len - pref_len,
+- data + pref_len);
++ if (len >= pref_len)
++ subm = protobuf_c_message_unpack(scanned_member->field->descriptor,
++ allocator,
++ len - pref_len,
++ data + pref_len);
++ else
++ subm = NULL;
+
+ if (maybe_clear &&
+ *pmessage != NULL &&
+-- 
+2.39.2
+ |
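Review bot: The new `if (len >= pref_len)` guard in parse_required_member has no comment saying why it is there, and the reason is not obvious from the check alone. Going by the patch subject (unsigned integer overflow), `len - pref_len` would wrap to a very large length whenever the prefix is longer than the field, and that length is what gets passed to protobuf_c_message_unpack together with `data + pref_len`; a comment such as `/* unsigned: refuse the sub-message instead of letting len - pref_len wrap */` above the `if` would keep a later cleanup from folding the check away. The function continues past the end of the hunk, so how `subm == NULL` is handled (presumably as a failed parse) cannot be confirmed from here. The diffstat is limited to the files/ directory, so it is also worth confirming that the ebuild actually applies this patch.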