Projects
openEuler:22.03:LTS:LoongArch
bind
_service:tar_scm_kernel_repo:backport-CVE-2022-...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:backport-CVE-2022-2881.patch of Package bind
From 13333db69f9b9710a98c86f44276e01e95420fa0 Mon Sep 17 00:00:00 2001 From: Evan Hunt <each@isc.org> Date: Tue, 16 Aug 2022 16:26:02 -0700 Subject: [PATCH] compression buffer was not reused correctly when the compression buffer was reused for multiple statistics requests, responses could grow beyond the correct size. this was because the buffer was not cleared before reuse; compressed data was still written to the beginning of the buffer, but then the size of used region was increased by the amount written, rather than set to the amount written. this caused responses to grow larger and larger, potentially reading past the end of the allocated buffer. (cherry picked from commit 47e9fa981e56a7a232f3219fe8a40525c79d748b) --- lib/isc/httpd.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/isc/httpd.c b/lib/isc/httpd.c index 776455a..e55330b 100644 --- a/lib/isc/httpd.c +++ b/lib/isc/httpd.c @@ -246,6 +246,8 @@ free_buffer(isc_mem_t *mctx, isc_buffer_t *buffer) { if (r.length > 0) { isc_mem_put(mctx, r.base, r.length); } + + isc_buffer_initnull(buffer); } static void @@ -910,6 +912,7 @@ isc_httpd_compress(isc_httpd_t *httpd) { if (result != ISC_R_SUCCESS) { return (result); } + isc_buffer_clear(&httpd->compbuffer); isc_buffer_region(&httpd->compbuffer, &r); /* -- 2.23.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.