Overview

File bind-CVE-2020-8625.patch of Package bind.28934

Index: bind-9.16.6/lib/dns/spnego.c
===================================================================
--- bind-9.16.6.orig/lib/dns/spnego.c
+++ bind-9.16.6/lib/dns/spnego.c
@@ -846,7 +846,7 @@ der_get_oid(const unsigned char *p, size
 		return (ASN1_OVERRUN);
 	}
 
-	data->components = malloc(len * sizeof(*data->components));
+	data->components = malloc((len + 1) * sizeof(*data->components));
 	if (data->components == NULL) {
 		return (ENOMEM);
 	}
openSUSE Build Service is sponsored by
Places