[oe-commits] Tom Rini : avahi: Fix for CVE-2011-1002
git version control
git at git.openembedded.org
Mon Feb 28 03:05:08 UTC 2011
Module: openembedded.git
Branch: master
Commit: 2de86aa285bee790c9c4171d66b0a03932cb0865
URL: http://gitweb.openembedded.net/?p=openembedded.git&a=commit;h=2de86aa285bee790c9c4171d66b0a03932cb0865
Author: Tom Rini <tom_rini at mentor.com>
Date: Sun Feb 27 16:45:36 2011 -0700
avahi: Fix for CVE-2011-1002
As in the patch comments, based on upstream but with a minor change.
Signed-off-by: Tom Rini <tom_rini at mentor.com>
---
recipes/avahi/avahi-0.6.25/fix-CVE-2011-1002.patch | 37 ++++++++++++++++++++
recipes/avahi/avahi_0.6.25.bb | 3 +-
2 files changed, 39 insertions(+), 1 deletions(-)
diff --git a/recipes/avahi/avahi-0.6.25/fix-CVE-2011-1002.patch b/recipes/avahi/avahi-0.6.25/fix-CVE-2011-1002.patch
new file mode 100644
index 0000000..f45af44
--- /dev/null
+++ b/recipes/avahi/avahi-0.6.25/fix-CVE-2011-1002.patch
@@ -0,0 +1,37 @@
+Based on the official fix (46109dfec75534fe270c0ab902576f685d5ab3a6) but
+since we missed having 2b2844b10d7b7e5c97f9c667d664d9418bb7769a we are
+two hunks smaller.
+
+Index: avahi-0.6.25/avahi-core/socket.c
+===================================================================
+--- avahi-0.6.25.orig/avahi-core/socket.c
++++ avahi-0.6.25/avahi-core/socket.c
+@@ -684,10 +684,14 @@ AvahiDnsPacket *avahi_recv_dns_packet_ip
+ goto fail;
+ }
+
+- if (sa.sin_addr.s_addr == INADDR_ANY) {
++ /* For corrupt packets FIONREAD returns zero size (See rhbz #607297). So
++ * fail after having read them. */
++ if (!ms)
++ goto fail;
++
++ if (sa.sin_addr.s_addr == INADDR_ANY)
+ /* Linux 2.4 behaves very strangely sometimes! */
+ goto fail;
+- }
+
+ assert(!(msg.msg_flags & MSG_CTRUNC));
+ assert(!(msg.msg_flags & MSG_TRUNC));
+@@ -839,6 +843,11 @@ AvahiDnsPacket *avahi_recv_dns_packet_ip
+ goto fail;
+ }
+
++ /* For corrupt packets FIONREAD returns zero size (See rhbz #607297). So
++ * fail after having read them. */
++ if (!ms)
++ goto fail;
++
+ assert(!(msg.msg_flags & MSG_CTRUNC));
+ assert(!(msg.msg_flags & MSG_TRUNC));
+
diff --git a/recipes/avahi/avahi_0.6.25.bb b/recipes/avahi/avahi_0.6.25.bb
index 4b598a0..a7a28ec 100644
--- a/recipes/avahi/avahi_0.6.25.bb
+++ b/recipes/avahi/avahi_0.6.25.bb
@@ -6,7 +6,8 @@ DEPENDS += "intltool-native"
PACKAGES =+ "libavahi-gobject"
-SRC_URI += "file://disable-ipv6.patch"
+SRC_URI += "file://disable-ipv6.patch \
+ file://fix-CVE-2011-1002.patch"
noipv6 = "${@base_contains('DISTRO_FEATURES', 'ipv6', '', '-DDISABLE_IPV6', d)}"
EXTRA_OEMAKE_append = " 'CFLAGS=${CFLAGS} ${noipv6}'"
More information about the Openembedded-commits
mailing list