diff options
Diffstat (limited to 'meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch')
| -rw-r--r-- | meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch b/meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch deleted file mode 100644 index 7f2d93a937..0000000000 --- a/meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch +++ /dev/null @@ -1,29 +0,0 @@ -Upstream-Status: Backport - -libproxy - CVE-2012-4504: - -Reference:https://code.google.com/p/libproxy/source/detail?r=853 - -Stack-based buffer overflow in the url::get_pac function in url.cpp -in libproxy 0.4.x before 0.4.9 allows remote servers to have an -unspecified impact via a large proxy.pac file. - -http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4504 - -Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> - -diff -urpN a/libproxy/url.cpp b/libproxy/url.cpp ---- a/libproxy/url.cpp 2012-11-26 10:08:47.000000000 +0800 -+++ b/libproxy/url.cpp 2012-11-26 10:05:54.000000000 +0800 -@@ -472,9 +472,10 @@ char* url::get_pac() { - // Add this chunk to our content length, - // ensuring that we aren't over our max size - content_length += chunk_length; -- if (content_length >= PAC_MAX_SIZE) break; - } - -+ if (content_length >= PAC_MAX_SIZE) break; -+ - while (recvd != content_length) { - int r = recv(sock, buffer + recvd, content_length - recvd, 0); - if (r < 0) break; |