[Glibc-bsd-commits] r4899 - branches/wheezy/kfreebsd-9/debian/patches
Steven Chamberlain
stevenc-guest at alioth.debian.org
Thu Aug 22 12:35:55 UTC 2013
Author: stevenc-guest
Date: 2013-08-22 12:35:55 +0000 (Thu, 22 Aug 2013)
New Revision: 4899
Added:
branches/wheezy/kfreebsd-9/debian/patches/SA-13_09.ip_multicast.patch
Modified:
branches/wheezy/kfreebsd-9/debian/patches/series
Log:
Fix an integer overflow in computing the size of a temporary buffer
can result in a buffer which is too small for the requested
operation. [13:09] (CVE-2013-3077)
Added: branches/wheezy/kfreebsd-9/debian/patches/SA-13_09.ip_multicast.patch
===================================================================
--- branches/wheezy/kfreebsd-9/debian/patches/SA-13_09.ip_multicast.patch (rev 0)
+++ branches/wheezy/kfreebsd-9/debian/patches/SA-13_09.ip_multicast.patch 2013-08-22 12:35:55 UTC (rev 4899)
@@ -0,0 +1,35 @@
+Description:
+ Fix an integer overflow in computing the size of a temporary buffer
+ can result in a buffer which is too small for the requested
+ operation. [13:09] (CVE-2013-3077)
+Origin: vendor, http://security.FreeBSD.org/patches/SA-13:09/ip_multicast.patch
+Bug: http://security.FreeBSD.org/advisories/FreeBSD-SA-13:09.ip_multicast.asc
+Bug-Debian: http://bugs.debian.org/720468
+Applied-Upstream: http://svnweb.freebsd.org/base?view=revision&revision=254629
+
+Index: kfreebsd-9-9.0/sys/netinet/in_mcast.c
+===================================================================
+--- kfreebsd-9-9.0.orig/sys/netinet/in_mcast.c 2010-04-10 13:05:31.000000000 +0100
++++ kfreebsd-9-9.0/sys/netinet/in_mcast.c 2013-08-22 13:31:07.139830942 +0100
+@@ -1613,6 +1613,8 @@
+ * has asked for, but we always tell userland how big the
+ * buffer really needs to be.
+ */
++ if (msfr.msfr_nsrcs > in_mcast_maxsocksrc)
++ msfr.msfr_nsrcs = in_mcast_maxsocksrc;
+ tss = NULL;
+ if (msfr.msfr_srcs != NULL && msfr.msfr_nsrcs > 0) {
+ tss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs,
+Index: kfreebsd-9-9.0/sys/netinet6/in6_mcast.c
+===================================================================
+--- kfreebsd-9-9.0.orig/sys/netinet6/in6_mcast.c 2011-11-23 15:18:16.000000000 +0000
++++ kfreebsd-9-9.0/sys/netinet6/in6_mcast.c 2013-08-22 13:31:07.141767292 +0100
+@@ -1624,6 +1624,8 @@
+ * has asked for, but we always tell userland how big the
+ * buffer really needs to be.
+ */
++ if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc)
++ msfr.msfr_nsrcs = in6_mcast_maxsocksrc;
+ tss = NULL;
+ if (msfr.msfr_srcs != NULL && msfr.msfr_nsrcs > 0) {
+ tss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs,
Modified: branches/wheezy/kfreebsd-9/debian/patches/series
===================================================================
--- branches/wheezy/kfreebsd-9/debian/patches/series 2013-08-22 12:19:39 UTC (rev 4898)
+++ branches/wheezy/kfreebsd-9/debian/patches/series 2013-08-22 12:35:55 UTC (rev 4899)
@@ -11,6 +11,7 @@
SA-13_05.nfsserver.patch
SA-13_06.mmap.patch
SA-13_08.nfsserver.patch
+SA-13_09.ip_multicast.patch
# Other patches that might or might not be mergeable
001_misc.diff
More information about the Glibc-bsd-commits
mailing list