[Pkg-samba-maint] [samba] 10/26: CVE-2013-4408:async_sock: add some overflow detection to read_packet_handler()
Ivo De Decker
idd-guest at moszumanska.debian.org
Mon Dec 9 22:22:15 UTC 2013
This is an automated email from the git hooks/post-receive script.
idd-guest pushed a commit to branch samba_4.1
in repository samba.
commit 0ba0b27176b2caccf7e708e60acec14d17469125
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Oct 16 14:17:49 2013 +0200
CVE-2013-4408:async_sock: add some overflow detection to read_packet_handler()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
---
lib/async_req/async_sock.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/lib/async_req/async_sock.c b/lib/async_req/async_sock.c
index 59dde88..74b2cb7 100644
--- a/lib/async_req/async_sock.c
+++ b/lib/async_req/async_sock.c
@@ -667,6 +667,11 @@ static void read_packet_handler(struct tevent_context *ev,
return;
}
+ if (total + more < total) {
+ tevent_req_error(req, EMSGSIZE);
+ return;
+ }
+
tmp = talloc_realloc(state, state->buf, uint8_t, total+more);
if (tevent_req_nomem(tmp, req)) {
return;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git
More information about the Pkg-samba-maint
mailing list