Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
netatalk
netatalk-CVE-2021-31439.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File netatalk-CVE-2021-31439.patch of Package netatalk
From 779717df2ed39b701deaf2472b42d59ff50fab7f Mon Sep 17 00:00:00 2001 From: Ralph Boehme <slow@samba.org> Date: Mon, 22 Nov 2021 05:32:46 +0100 Subject: [PATCH] CVE-2021-31439: libatalk: apply limit checking to DSI write offset Signed-off-by: Ralph Boehme <slow@samba.org> --- libatalk/dsi/dsi_stream.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libatalk/dsi/dsi_stream.c b/libatalk/dsi/dsi_stream.c index c8f859ce1..479d3ca42 100644 --- a/libatalk/dsi/dsi_stream.c +++ b/libatalk/dsi/dsi_stream.c @@ -624,6 +624,7 @@ int dsi_stream_receive(DSI *dsi) /* make sure we don't over-write our buffers. */ dsi->cmdlen = MIN(ntohl(dsi->header.dsi_len), dsi->server_quantum); + dsi->header.dsi_data.dsi_doff = MIN(dsi->header.dsi_data.dsi_doff, dsi->server_quantum); /* Receiving DSIWrite data is done in AFP function, not here */ if (dsi->header.dsi_data.dsi_doff) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor