Overview

File bind-CVE-2020-8625.patch of Package bind.29689

Index: bind-9.9.9-P1/lib/dns/spnego.c
===================================================================
--- bind-9.9.9-P1.orig/lib/dns/spnego.c
+++ bind-9.9.9-P1/lib/dns/spnego.c
@@ -877,7 +877,7 @@ der_get_oid(const unsigned char *p, size
 	if (len < 1U)
 		return (ASN1_OVERRUN);
 
-	data->components = malloc(len * sizeof(*data->components));
+	data->components = malloc((len + 1) * sizeof(*data->components));
 	if (data->components == NULL && len != 0U)
 		return (ENOMEM);
 	data->components[0] = (*p) / 40;
openSUSE Build Service is sponsored by
Places