diff options
| author |   Tom Rini <tom_rini@mentor.com> | 2011-02-27 16:45:36 -0700 |
|---|---|---|
| committer |   Steffen Sledz <sledz@dresearch.de> | 2011-03-02 08:30:25 +0100 |
| commit | ebfc5af58af6cde690a77b3bf7a22999cb225dee (patch) | |
| tree | 16bcfcc7c97e01f08e9376d2bd993fffd35bb93d /recipes/avahi | |
| parent | dfab0a7d970a2d0b6e517816312b5a18f5562c6d (diff) | |
| download | openembedded-ebfc5af58af6cde690a77b3bf7a22999cb225dee.tar.gz | |
avahi: Fix for CVE-2011-1002
As in the patch comments, based on upstream but with a minor change.
Signed-off-by: Tom Rini <tom_rini@mentor.com>
Diffstat (limited to 'recipes/avahi')
| -rw-r--r-- | recipes/avahi/avahi-0.6.25/fix-CVE-2011-1002.patch | 37 | ||||
| -rw-r--r-- | recipes/avahi/avahi_0.6.25.bb | 3 |
2 files changed, 39 insertions, 1 deletions
diff --git a/recipes/avahi/avahi-0.6.25/fix-CVE-2011-1002.patch b/recipes/avahi/avahi-0.6.25/fix-CVE-2011-1002.patch new file mode 100644 index 0000000000..f45af44eb8 --- /dev/null +++ b/recipes/avahi/avahi-0.6.25/fix-CVE-2011-1002.patch @@ -0,0 +1,37 @@ +Based on the official fix (46109dfec75534fe270c0ab902576f685d5ab3a6) but +since we missed having 2b2844b10d7b7e5c97f9c667d664d9418bb7769a we are +two hunks smaller. + +Index: avahi-0.6.25/avahi-core/socket.c +=================================================================== +--- avahi-0.6.25.orig/avahi-core/socket.c ++++ avahi-0.6.25/avahi-core/socket.c +@@ -684,10 +684,14 @@ AvahiDnsPacket *avahi_recv_dns_packet_ip + goto fail; + } + +- if (sa.sin_addr.s_addr == INADDR_ANY) { ++ /* For corrupt packets FIONREAD returns zero size (See rhbz #607297). So ++ * fail after having read them. */ ++ if (!ms) ++ goto fail; ++ ++ if (sa.sin_addr.s_addr == INADDR_ANY) + /* Linux 2.4 behaves very strangely sometimes! */ + goto fail; +- } + + assert(!(msg.msg_flags & MSG_CTRUNC)); + assert(!(msg.msg_flags & MSG_TRUNC)); +@@ -839,6 +843,11 @@ AvahiDnsPacket *avahi_recv_dns_packet_ip + goto fail; + } + ++ /* For corrupt packets FIONREAD returns zero size (See rhbz #607297). So ++ * fail after having read them. */ ++ if (!ms) ++ goto fail; ++ + assert(!(msg.msg_flags & MSG_CTRUNC)); + assert(!(msg.msg_flags & MSG_TRUNC)); + diff --git a/recipes/avahi/avahi_0.6.25.bb b/recipes/avahi/avahi_0.6.25.bb index 4b598a0313..a7a28ecf11 100644 --- a/recipes/avahi/avahi_0.6.25.bb +++ b/recipes/avahi/avahi_0.6.25.bb @@ -6,7 +6,8 @@ DEPENDS += "intltool-native" PACKAGES =+ "libavahi-gobject" -SRC_URI += "file://disable-ipv6.patch" +SRC_URI += "file://disable-ipv6.patch \ + file://fix-CVE-2011-1002.patch" noipv6 = "${@base_contains('DISTRO_FEATURES', 'ipv6', '', '-DDISABLE_IPV6', d)}" EXTRA_OEMAKE_append = " 'CFLAGS=${CFLAGS} ${noipv6}'" |