git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
27a7516
)
CVE-2013-4408:s3:util_tsock: add some overflow detection to tstream_read_packet_done()
author
Stefan Metzmacher
<metze@samba.org>
Wed, 16 Oct 2013 12:17:49 +0000
(14:17 +0200)
committer
Karolin Seeger
<kseeger@samba.org>
Thu, 5 Dec 2013 10:11:52 +0000
(11:11 +0100)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
source3/lib/util_tsock.c
patch
|
blob
|
history
diff --git
a/source3/lib/util_tsock.c
b/source3/lib/util_tsock.c
index 35a97f5e692c4e59f860b12cdc15a0df6348370b..03380ef244bb9dae9883769708cd3330424fb4bc 100644
(file)
--- a/
source3/lib/util_tsock.c
+++ b/
source3/lib/util_tsock.c
@@
-110,6
+110,11
@@
static void tstream_read_packet_done(struct tevent_req *subreq)
return;
}
+ if (total + more < total) {
+ tevent_req_error(req, EMSGSIZE);
+ return;
+ }
+
tmp = talloc_realloc(state, state->buf, uint8_t, total+more);
if (tevent_req_nomem(tmp, req)) {
return;