blob: f45af44eb8f9aed3218b64b2061dc572c35feedf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
Based on the official fix (46109dfec75534fe270c0ab902576f685d5ab3a6) but
since we missed having 2b2844b10d7b7e5c97f9c667d664d9418bb7769a we are
two hunks smaller.
Index: avahi-0.6.25/avahi-core/socket.c
===================================================================
--- avahi-0.6.25.orig/avahi-core/socket.c
+++ avahi-0.6.25/avahi-core/socket.c
@@ -684,10 +684,14 @@ AvahiDnsPacket *avahi_recv_dns_packet_ip
goto fail;
}
- if (sa.sin_addr.s_addr == INADDR_ANY) {
+ /* For corrupt packets FIONREAD returns zero size (See rhbz #607297). So
+ * fail after having read them. */
+ if (!ms)
+ goto fail;
+
+ if (sa.sin_addr.s_addr == INADDR_ANY)
/* Linux 2.4 behaves very strangely sometimes! */
goto fail;
- }
assert(!(msg.msg_flags & MSG_CTRUNC));
assert(!(msg.msg_flags & MSG_TRUNC));
@@ -839,6 +843,11 @@ AvahiDnsPacket *avahi_recv_dns_packet_ip
goto fail;
}
+ /* For corrupt packets FIONREAD returns zero size (See rhbz #607297). So
+ * fail after having read them. */
+ if (!ms)
+ goto fail;
+
assert(!(msg.msg_flags & MSG_CTRUNC));
assert(!(msg.msg_flags & MSG_TRUNC));
|