summaryrefslogtreecommitdiff
path: root/sys-apps/systemd/files/CVE-2017-15908.patch
diff options
context:
space:
mode:
Diffstat (limited to 'sys-apps/systemd/files/CVE-2017-15908.patch')
-rw-r--r--sys-apps/systemd/files/CVE-2017-15908.patch39
1 files changed, 39 insertions, 0 deletions
diff --git a/sys-apps/systemd/files/CVE-2017-15908.patch b/sys-apps/systemd/files/CVE-2017-15908.patch
new file mode 100644
index 000000000000..08e5e37514ce
--- /dev/null
+++ b/sys-apps/systemd/files/CVE-2017-15908.patch
@@ -0,0 +1,39 @@
+From 9f939335a07085aa9a9663efd1dca06ef6405d62 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
+Date: Wed, 25 Oct 2017 11:19:19 +0200
+Subject: [PATCH] resolved: fix loop on packets with pseudo dns types
+
+Reported by Karim Hossen & Thomas Imbert from Sogeti ESEC R&D.
+
+https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351
+---
+ src/resolve/resolved-dns-packet.c | 6 +-----
+ 1 file changed, 1 insertion(+), 5 deletions(-)
+
+diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
+index e2f227bfc..35f4d0689 100644
+--- a/src/resolve/resolved-dns-packet.c
++++ b/src/resolve/resolved-dns-packet.c
+@@ -1514,7 +1514,7 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta
+
+ found = true;
+
+- while (bitmask) {
++ for (; bitmask; bit++, bitmask >>= 1)
+ if (bitmap[i] & bitmask) {
+ uint16_t n;
+
+@@ -1528,10 +1528,6 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta
+ if (r < 0)
+ return r;
+ }
+-
+- bit++;
+- bitmask >>= 1;
+- }
+ }
+
+ if (!found)
+--
+2.15.0.rc2
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-23 00:19:02 +0000