diff options
Diffstat (limited to 'net-dns/dnsmasq/files/dnsmasq-2.80-cve-2019-14834.patch')
-rw-r--r-- | net-dns/dnsmasq/files/dnsmasq-2.80-cve-2019-14834.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/net-dns/dnsmasq/files/dnsmasq-2.80-cve-2019-14834.patch b/net-dns/dnsmasq/files/dnsmasq-2.80-cve-2019-14834.patch new file mode 100644 index 000000000000..a44ceabece71 --- /dev/null +++ b/net-dns/dnsmasq/files/dnsmasq-2.80-cve-2019-14834.patch @@ -0,0 +1,39 @@ +Fix memory leak in helper.c + +Thanks to Xu Mingjie <xumingjie1995@outlook.com> for spotting this. + +author: Simon Kelley <simon@thekelleys.org.uk> +commit-url: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=69bc94779c2f035a9fffdb5327a54c3aeca73ed5 +diff --git a/src/helper.c b/src/helper.c +index 33ba120..c392eec 100644 (file) +--- a/src/helper.c ++++ b/src/helper.c +@@ -80,7 +80,8 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) + pid_t pid; + int i, pipefd[2]; + struct sigaction sigact; +- ++ unsigned char *alloc_buff = NULL; ++ + /* create the pipe through which the main program sends us commands, + then fork our process. */ + if (pipe(pipefd) == -1 || !fix_fd(pipefd[1]) || (pid = fork()) == -1) +@@ -186,11 +187,16 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) + struct script_data data; + char *p, *action_str, *hostname = NULL, *domain = NULL; + unsigned char *buf = (unsigned char *)daemon->namebuff; +- unsigned char *end, *extradata, *alloc_buff = NULL; ++ unsigned char *end, *extradata; + int is6, err = 0; + int pipeout[2]; + +- free(alloc_buff); ++ /* Free rarely-allocated memory from previous iteration. */ ++ if (alloc_buff) ++ { ++ free(alloc_buff); ++ alloc_buff = NULL; ++ } + + /* we read zero bytes when pipe closed: this is our signal to exit */ + if (!read_write(pipefd[0], (unsigned char *)&data, sizeof(data), 1)) |