Blame - meta-openembedded/meta-oe/recipes-networking/cyrus-sasl/cyrus-sasl/CVE-2019-19906.patch - openbmc/openbmc

blob: 33a9e3f6e6b3bd853e3cb71915801ccf7245dc11 [file] [log] [blame]

Andrew Geissler	82c905d	2020-04-13 13:39:40 -0500	[diff] [blame]	1	From 94fe6eb9ea2691f4a7c32fbf2d0c7c454995b666 Mon Sep 17 00:00:00 2001
				2	From: Changqing Li <changqing.li@windriver.com>
				3	Date: Thu, 27 Feb 2020 11:08:57 +0800
				4	Subject: [PATCH] Fix #587
				5
				6	Off by one error in common.c, CVE-2019-19906.
				7
				8	Thanks to Stephan Zeisberg for reporting
				9
				10	CVE: CVE-2019-19906
				11
				12	Upstream-Stauts: Backport [https://github.com/cyrusimap/cyrus-sasl
				13	/commit/dcc9f51cbd4ed622cfb0f9b1c141eb2ffe3b12f1]
				14
				15	Signed-off-by: Changqing Li <changqing.li@windriver.com>
				16	---
				17	lib/common.c \| 2 +-
				18	1 file changed, 1 insertion(+), 1 deletion(-)
				19
				20	diff --git a/lib/common.c b/lib/common.c
Andrew Geissler	9aee500	2022-03-30 16:27:02 +0000	[diff] [blame]	21	index d9104c8..fef82db 100644
Andrew Geissler	82c905d	2020-04-13 13:39:40 -0500	[diff] [blame]	22	--- a/lib/common.c
				23	+++ b/lib/common.c
				24	@@ -190,7 +190,7 @@ int _sasl_add_string(char *out, size_t alloclen,
				25
				26	if (add==NULL) add = "(null)";
				27
				28	- addlen=strlen(add); /* only compute once */
				29	+ addlen=strlen(add)+1; /* only compute once */
Andrew Geissler	9aee500	2022-03-30 16:27:02 +0000	[diff] [blame]	30	if (_buf_alloc(out, alloclen, (*outlen)+addlen+1)!=SASL_OK)
Andrew Geissler	82c905d	2020-04-13 13:39:40 -0500	[diff] [blame]	31	return SASL_NOMEM;
				32
				33	--
Andrew Geissler	9aee500	2022-03-30 16:27:02 +0000	[diff] [blame]	34	2.25.1
Andrew Geissler	82c905d	2020-04-13 13:39:40 -0500	[diff] [blame]	35