rpms / dovecot

Clone
Source Code
GIT

Blame SOURCES/dovecot-2.2.36-cve_2019_7524part2of2.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c7-ppc64le c8 c8-beta c8s c9 c9-beta
  1.   7f3edca6d99b315a64b0d4519fc5f02dab58ec94
  2.   SOURCES
  3.   dovecot-2.2.36-cve_2019_7524part2of2.patch
Blob History Raw
11c5e2 
From df17cee615377f2474c86eb6a5b3fe5caa8b70fe Mon Sep 17 00:00:00 2001
11c5e2 
From: Timo Sirainen <timo.sirainen@open-xchange.com>
11c5e2 
Date: Mon, 4 Feb 2019 19:25:13 -0800
11c5e2 
Subject: [PATCH] fts: Fix buffer overflow when reading oversized fts header
11c5e2
11c5e2 
---
11c5e2 
 src/plugins/fts/fts-api.c | 2 +-
11c5e2 
 1 file changed, 1 insertion(+), 1 deletion(-)
11c5e2
11c5e2 
diff --git a/src/plugins/fts/fts-api.c b/src/plugins/fts/fts-api.c
11c5e2 
index 5a5b2a919e..4f8a1c125d 100644
11c5e2 
--- a/src/plugins/fts/fts-api.c
11c5e2 
+++ b/src/plugins/fts/fts-api.c
11c5e2 
@@ -425,7 +425,7 @@ bool fts_index_get_header(struct mailbox *box, struct fts_index_header *hdr_r)
11c5e2 
 		i_zero(hdr_r);
11c5e2 
 		ret = FALSE;
11c5e2 
 	} else {
11c5e2 
-		memcpy(hdr_r, data, data_size);
11c5e2 
+		memcpy(hdr_r, data, sizeof(*hdr_r));
11c5e2 
 		ret = TRUE;
11c5e2 
 	}
11c5e2 
 	mail_index_view_close(&view);

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation