File: inaddr.patch

package info (click to toggle)
libcommoncpp2 1.8.1-6.1
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 5,272 kB
  • ctags: 4,532
  • sloc: cpp: 29,219; sh: 10,352; ansic: 1,134; makefile: 232; xml: 5
file content (18 lines) | stat: -rw-r--r-- 884 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
 
Description: libcommoncpp2-dev: crash from buffer overflow
 When using commoncpp2 on 64 bit systems  (as SFLphone does), if gethostbyname
 fails, libcommoncpp2 will cause a buffer overflow by doing an incorrect memset.
From: Tristan Matthews <tristan.matthews@savoirfairelinux.net>
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693471
Applied-Upstream: https://github.com/dyfet/ucommon/commit/d530ef040def990b2f44a9dc7da410f233cae2be

--- a/src/inaddr.cpp	2010-10-31 19:43:40.000000000 -0400
+++ b/src/inaddr.cpp	2012-11-16 15:14:16.667082655 -0500
@@ -333,7 +333,7 @@ void IPV4Address::setAddress(const char
             if(ipaddr)
                 delete[] ipaddr;
             ipaddr = new struct in_addr[1];
-            memset((void *)&ipaddr[0], 0, sizeof(ipaddr));
+            memset((void *)&ipaddr[0], 0, sizeof(ipaddr[0]));
             return;
         }