diff options
author | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
---|---|---|
committer | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
commit | 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf (patch) | |
tree | cd70a267a5ef105ba32f200aa088e281fbd85747 /external/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch | |
parent | 4204309872da5cb401cbb2729d9e2d4869a87f42 (diff) |
basesystem-jjsandbox/ToshikazuOhiwa/master-jj
recipes
Diffstat (limited to 'external/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch')
-rw-r--r-- | external/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch | 39 |
1 files changed, 0 insertions, 39 deletions
diff --git a/external/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch b/external/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch deleted file mode 100644 index c8f0c47b..00000000 --- a/external/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch +++ /dev/null @@ -1,39 +0,0 @@ -From a6b1e0fd14311587186e40d09bff5c8c3aada2e4 Mon Sep 17 00:00:00 2001 -From: Amos Jeffries <squid3@treenet.co.nz> -Date: Sat, 25 Jul 2015 05:53:16 -0700 -Subject: [PATCH] smblib: fix buffer over-read - -When parsing SMB LanManager packets with invalid protocol ID and the -default set of Squid supported protocols. It may access memory outside -the buffer storing protocol names. - -smblib is only used by already deprecated helpers which are deprecated -due to far more significant NTLM protocol issues. It will also only -result in packets being rejected later with invalid protocol names. So -this is a minor bug rather than a vulnerability. - - Detected by Coverity Scan. Issue 1256165 ---- -Signed-off-by: Khem Raj <raj.khem@gmail.com> -Upstream-Status: Backport - - lib/smblib/smblib-util.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/lib/smblib/smblib-util.c b/lib/smblib/smblib-util.c -index 6139ae2..e722cbb 100644 ---- a/lib/smblib/smblib-util.c -+++ b/lib/smblib/smblib-util.c -@@ -204,7 +204,11 @@ int SMB_Figure_Protocol(const char *dialects[], int prot_index) - { - int i; - -- if (dialects == SMB_Prots) { /* The jobs is easy, just index into table */ -+ // prot_index may be a value outside the table SMB_Types[] -+ // which holds data at offsets 0 to 11 -+ int ourType = (prot_index < 0 || prot_index > 11); -+ -+ if (ourType && dialects == SMB_Prots) { /* The jobs is easy, just index into table */ - - return(SMB_Types[prot_index]); - } else { /* Search through SMB_Prots looking for a match */ |