diff options
Diffstat (limited to 'net-libs/pjproject/files/pjproject-2.12.1-CVE-2022-31031.patch')
-rw-r--r-- | net-libs/pjproject/files/pjproject-2.12.1-CVE-2022-31031.patch | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/net-libs/pjproject/files/pjproject-2.12.1-CVE-2022-31031.patch b/net-libs/pjproject/files/pjproject-2.12.1-CVE-2022-31031.patch deleted file mode 100644 index 637b7f374ffc..000000000000 --- a/net-libs/pjproject/files/pjproject-2.12.1-CVE-2022-31031.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 450baca94f475345542c6953832650c390889202 Mon Sep 17 00:00:00 2001 -From: sauwming <ming@teluu.com> -Date: Tue, 7 Jun 2022 12:00:13 +0800 -Subject: [PATCH] Merge pull request from GHSA-26j7-ww69-c4qj - ---- - pjlib-util/src/pjlib-util/stun_simple.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/pjlib-util/src/pjlib-util/stun_simple.c b/pjlib-util/src/pjlib-util/stun_simple.c -index 722519584..d0549176d 100644 ---- a/pjlib-util/src/pjlib-util/stun_simple.c -+++ b/pjlib-util/src/pjlib-util/stun_simple.c -@@ -54,6 +54,7 @@ PJ_DEF(pj_status_t) pjstun_parse_msg( void *buf, pj_size_t buf_len, - { - pj_uint16_t msg_type, msg_len; - char *p_attr; -+ int attr_max_cnt = PJ_ARRAY_SIZE(msg->attr); - - PJ_CHECK_STACK(); - -@@ -83,7 +84,7 @@ PJ_DEF(pj_status_t) pjstun_parse_msg( void *buf, pj_size_t buf_len, - msg->attr_count = 0; - p_attr = (char*)buf + sizeof(pjstun_msg_hdr); - -- while (msg_len > 0) { -+ while (msg_len > 0 && msg->attr_count < attr_max_cnt) { - pjstun_attr_hdr **attr = &msg->attr[msg->attr_count]; - pj_uint32_t len; - pj_uint16_t attr_type; -@@ -111,6 +112,10 @@ PJ_DEF(pj_status_t) pjstun_parse_msg( void *buf, pj_size_t buf_len, - p_attr += len; - ++msg->attr_count; - } -+ if (msg->attr_count == attr_max_cnt) { -+ PJ_LOG(4, (THIS_FILE, "Warning: max number attribute %d reached.", -+ attr_max_cnt)); -+ } - - return PJ_SUCCESS; - } |