Code Review / pti / rtp.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
meta-starlingx: remove the upstream layer
[pti/rtp.git] / meta-starlingx / meta-stx-integ / recipes-support / dnsmasq / dnsmasq / stx / dnsmasq-2.76-CVE-2017-14493.patch
diff --git a/meta-starlingx/meta-stx-integ/recipes-support/dnsmasq/dnsmasq/stx/dnsmasq-2.76-CVE-2017-14493.patch b/meta-starlingx/meta-stx-integ/recipes-support/dnsmasq/dnsmasq/stx/dnsmasq-2.76-CVE-2017-14493.patch
deleted file mode 100644 (file)
index 5634803..0000000
--- a/meta-starlingx/meta-stx-integ/recipes-support/dnsmasq/dnsmasq/stx/dnsmasq-2.76-CVE-2017-14493.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 5086b12a4b1269d1576b5bab01f72c6fa19c55bc Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Mon, 25 Sep 2017 18:52:50 +0100
-Subject: [PATCH 3/9]     Security fix, CVE-2017-14493, DHCPv6 - Stack buffer
- overflow.
-
-    Fix stack overflow in DHCPv6 code. An attacker who can send
-    a DHCPv6 request to dnsmasq can overflow the stack frame and
-    crash or control dnsmasq.
----
- src/rfc3315.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/rfc3315.c b/src/rfc3315.c
-index 73bdee4..8d18a28 100644
---- a/src/rfc3315.c
-+++ b/src/rfc3315.c
-@@ -206,6 +206,9 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz,
-   /* RFC-6939 */
-   if ((opt = opt6_find(opts, end, OPTION6_CLIENT_MAC, 3)))
-     {
-+      if (opt6_len(opt) - 2 > DHCP_CHADDR_MAX) {
-+        return 0;
-+      }
-       state->mac_type = opt6_uint(opt, 0, 2);
-       state->mac_len = opt6_len(opt) - 2;
-       memcpy(&state->mac[0], opt6_ptr(opt, 2), state->mac_len);
--- 
-2.9.5
-
Performance Tuned Infrastructure