Gitiles
Code Review Sign In
gerrit.openbmc.org / mdmillerii / openbmc / 424a4cbfdefd78034c2f9800c43e9902038d6efd / . / poky / meta / recipes-connectivity / avahi / files / CVE-2023-38470.patch
blob: 91f9e677aceea888bda91a4d2dc695b6dc11424e [file] [log] [blame]
Patrick Williamsac13d5f2023-11-24 18:59:46 -0600[diff] [blame]1From af7bfad67ca53a7c4042a4a2d85456b847e9f249 Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
3Date: Tue, 11 Apr 2023 15:29:59 +0200
4Subject: [PATCH] avahi: Ensure each label is at least one byte long
5
6The only allowed exception is single dot, where it should return empty
7string.
8
9Fixes #454.
10
11Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c]
12CVE: CVE-2023-38470
13
14Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
15---
16 avahi-common/domain-test.c | 14 ++++++++++++++
17 avahi-common/domain.c | 2 +-
18 2 files changed, 15 insertions(+), 1 deletion(-)
19
20diff --git a/avahi-common/domain-test.c b/avahi-common/domain-test.c
21index cf763ec..3acc1c1 100644
22--- a/avahi-common/domain-test.c
23+++ b/avahi-common/domain-test.c
24@@ -45,6 +45,20 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
25 printf("%s\n", s = avahi_normalize_name_strdup("fo\\\\o\\..f oo."));
26 avahi_free(s);
27
28+ printf("%s\n", s = avahi_normalize_name_strdup("."));
29+ avahi_free(s);
30+
31+ s = avahi_normalize_name_strdup(",.=.}.=.?-.}.=.?.?.}.}.?.?.?.z.?.?.}.}."
32+ "}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.}.}.}"
33+ ".?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.?.zM.?`"
34+ "?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}??.}.}.?.?."
35+ "?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.?`?.}.}.}."
36+ "??.?.zM.?`?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}?"
37+ "?.}.}.?.?.?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM."
38+ "?`?.}.}.}.?.?.?.r.=.=.?.?`.?.?}.}.}.?.?.?.r.=.?.}.=.?.?."
39+ "}.?.?.?.}.=.?.?.}");
40+ assert(s == NULL);
41+
42 printf("%i\n", avahi_domain_equal("\\065aa bbb\\.\\046cc.cc\\\\.dee.fff.", "Aaa BBB\\.\\.cc.cc\\\\.dee.fff"));
43 printf("%i\n", avahi_domain_equal("A", "a"));
44
45diff --git a/avahi-common/domain.c b/avahi-common/domain.c
46index 3b1ab68..e66d241 100644
47--- a/avahi-common/domain.c
48+++ b/avahi-common/domain.c
49@@ -201,7 +201,7 @@ char *avahi_normalize_name(const char *s, char *ret_s, size_t size) {
50 }
51
52 if (!empty) {
53- if (size < 1)
54+ if (size < 2)
55 return NULL;
56
57 *(r++) = '.';
58--
592.40.0