sbonazzo / rpms / cyrus-sasl

Forked from rpms/cyrus-sasl 2 years ago
Clone
Source Code
GIT

Blame SOURCES/cyrus-sasl-2.1.27-CVE-2019-19906.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9-beta
  1.   1ddeb0879e678ef6bc4ae68f621541d5da9537f2
  2.   SOURCES
  3.   cyrus-sasl-2.1.27-CVE-2019-19906.patch
Blob History Raw
1ddeb0 
From bcb6c06ec17728f7c9c492dc257b1e541a6830da Mon Sep 17 00:00:00 2001
1ddeb0 
From: Simo Sorce <simo@redhat.com>
1ddeb0 
Date: Tue, 5 May 2020 14:41:06 -0400
1ddeb0 
Subject: [PATCH] CVE-2019-19906
1ddeb0
1ddeb0 
Backport of commit id:
1ddeb0 
dcc9f51cbd4ed622cfb0f9b1c141eb2ffe3b12f1
1ddeb0
1ddeb0 
Signed-off-by: Simo Sorce <simo@redhat.com>
1ddeb0 
---
1ddeb0 
 lib/common.c | 2 +-
1ddeb0 
 1 file changed, 1 insertion(+), 1 deletion(-)
1ddeb0
1ddeb0 
diff --git a/lib/common.c b/lib/common.c
1ddeb0 
index bc3bf1d..9969d6a 100644
1ddeb0 
--- a/lib/common.c
1ddeb0 
+++ b/lib/common.c
1ddeb0 
@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t *alloclen,
1ddeb0
1ddeb0 
   if (add==NULL) add = "(null)";
1ddeb0
1ddeb0 
-  addlen=strlen(add); /* only compute once */
1ddeb0 
+  addlen=strlen(add)+1; /* only compute once */
1ddeb0 
   if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK)
1ddeb0 
     return SASL_NOMEM;
1ddeb0
1ddeb0 
--
1ddeb0 
2.18.2
1ddeb0

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation