Gitiles
Code Review Sign In
gerrit.openbmc.org / mdmillerii / openbmc / 9ece0a425034fbc0271632b54926a94968fe8a0f / . / poky / meta / recipes-connectivity / avahi / files / CVE-2023-38469-1.patch
blob: a078f66102f92b8c3a38f0ea76ed2e83b1c72cd5 [file] [log] [blame]
Patrick Williamsac13d5f2023-11-24 18:59:46 -0600[diff] [blame]1From 72842945085cc3adaccfdfa2853771b0e75ef991 Mon Sep 17 00:00:00 2001
2From: Evgeny Vereshchagin <evvers@ya.ru>
3Date: Mon, 23 Oct 2023 20:29:31 +0000
4Subject: [PATCH] avahi: core: reject overly long TXT resource records
5
6Closes https://github.com/lathiat/avahi/issues/455
7
8Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/a337a1ba7d15853fb56deef1f464529af6e3a1cf]
9CVE: CVE-2023-38469
10
11Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
12---
13 avahi-core/rr.c | 9 ++++++++-
14 1 file changed, 8 insertions(+), 1 deletion(-)
15
16diff --git a/avahi-core/rr.c b/avahi-core/rr.c
17index 7fa0bee..b03a24c 100644
18--- a/avahi-core/rr.c
19+++ b/avahi-core/rr.c
20@@ -32,6 +32,7 @@
21 #include <avahi-common/malloc.h>
22 #include <avahi-common/defs.h>
23
24+#include "dns.h"
25 #include "rr.h"
26 #include "log.h"
27 #include "util.h"
28@@ -688,11 +689,17 @@ int avahi_record_is_valid(AvahiRecord *r) {
29 case AVAHI_DNS_TYPE_TXT: {
30
31 AvahiStringList *strlst;
32+ size_t used = 0;
33
34- for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next)
35+ for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) {
36 if (strlst->size > 255 || strlst->size <= 0)
37 return 0;
38
39+ used += 1+strlst->size;
40+ if (used > AVAHI_DNS_RDATA_MAX)
41+ return 0;
42+ }
43+
44 return 1;
45 }
46 }
47--
482.40.0