File bind-CVE-2020-8625.patch of Package bind.26108
Index: bind-9.16.6/lib/dns/spnego.c =================================================================== --- bind-9.16.6.orig/lib/dns/spnego.c +++ bind-9.16.6/lib/dns/spnego.c @@ -846,7 +846,7 @@ der_get_oid(const unsigned char *p, size return (ASN1_OVERRUN); } - data->components = malloc(len * sizeof(*data->components)); + data->components = malloc((len + 1) * sizeof(*data->components)); if (data->components == NULL) { return (ENOMEM); }