rpms-fedora-extras/strongswan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Resolves rhbz#1581868 CVE-2018-5388 strongswan: buffer underflow in stroke_socket.c

Browse Source
This commit is contained in:
Paul Wouters
2018-05-24 00:09:27 -04:00
parent ad2751324a
commit 9f0f5a9d4f
2 changed files with 21 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
strongswan-5.6.2-CVE-2018-5388.patch Normal file
View File

@@ -0,0 +1,15 @@
diff -Naur strongswan-5.6.2-orig/src/libcharon/plugins/stroke/stroke_socket.c strongswan-5.6.2/src/libcharon/plugins/stroke/stroke_socket.c
--- strongswan-5.6.2-orig/src/libcharon/plugins/stroke/stroke_socket.c 2017-11-09 10:57:30.000000000 -0500
+++ strongswan-5.6.2/src/libcharon/plugins/stroke/stroke_socket.c 2018-05-24 00:00:32.382953618 -0400
@@ -628,6 +628,11 @@
return FALSE;
}
+ if (len < offsetof(stroke_msg_t, buffer))
+ {
+ DBG1(DBG_CFG, "invalid stroke message length %d", len);
+ return FALSE;
+ }
/* read message (we need an additional byte to terminate the buffer) */
msg = malloc(len + 1);
msg->length = len;