Overview

File slirp4netns-CVE-2020-29130.patch of Package slirp4netns.23224

Index: slirp4netns-0.4.7/vendor/libslirp/src/ncsi.c
===================================================================
--- slirp4netns-0.4.7.orig/vendor/libslirp/src/ncsi.c	2020-07-09 05:17:54.000000000 +0200
+++ slirp4netns-0.4.7/vendor/libslirp/src/ncsi.c	2022-03-08 16:20:23.606923855 +0100
@@ -148,6 +148,10 @@ void ncsi_input(Slirp *slirp, const uint
     uint32_t checksum;
     uint32_t *pchecksum;
 
+    if (pkt_len < ETH_HLEN + sizeof(struct ncsi_pkt_hdr)) {
+        return; /* packet too short */
+    }
+
     memset(ncsi_reply, 0, sizeof(ncsi_reply));
 
     memset(reh->h_dest, 0xff, ETH_ALEN);
Index: slirp4netns-0.4.7/vendor/libslirp/src/slirp.c
===================================================================
--- slirp4netns-0.4.7.orig/vendor/libslirp/src/slirp.c	2020-07-09 05:17:54.000000000 +0200
+++ slirp4netns-0.4.7/vendor/libslirp/src/slirp.c	2022-03-08 16:20:23.606923855 +0100
@@ -763,6 +763,10 @@ static void arp_input(Slirp *slirp, cons
         return;
     }
 
+    if (pkt_len < ETH_HLEN + sizeof(struct slirp_arphdr)) {
+        return; /* packet too short */
+    }
+
     ar_op = ntohs(ah->ar_op);
     switch (ar_op) {
     case ARPOP_REQUEST:
openSUSE Build Service is sponsored by
Places