diff options
Diffstat (limited to 'sys-apps/systemd/files/CVE-2017-15908.patch')
-rw-r--r-- | sys-apps/systemd/files/CVE-2017-15908.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/sys-apps/systemd/files/CVE-2017-15908.patch b/sys-apps/systemd/files/CVE-2017-15908.patch new file mode 100644 index 000000000000..08e5e37514ce --- /dev/null +++ b/sys-apps/systemd/files/CVE-2017-15908.patch @@ -0,0 +1,39 @@ +From 9f939335a07085aa9a9663efd1dca06ef6405d62 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl> +Date: Wed, 25 Oct 2017 11:19:19 +0200 +Subject: [PATCH] resolved: fix loop on packets with pseudo dns types + +Reported by Karim Hossen & Thomas Imbert from Sogeti ESEC R&D. + +https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351 +--- + src/resolve/resolved-dns-packet.c | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c +index e2f227bfc..35f4d0689 100644 +--- a/src/resolve/resolved-dns-packet.c ++++ b/src/resolve/resolved-dns-packet.c +@@ -1514,7 +1514,7 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta + + found = true; + +- while (bitmask) { ++ for (; bitmask; bit++, bitmask >>= 1) + if (bitmap[i] & bitmask) { + uint16_t n; + +@@ -1528,10 +1528,6 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta + if (r < 0) + return r; + } +- +- bit++; +- bitmask >>= 1; +- } + } + + if (!found) +-- +2.15.0.rc2 + |