Djam/strongswan
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/strongswan.git synced 2025-02-23 14:02:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
strongswan/strongswan-5.6.2-CVE-2018-5388.patch
Denis Silakov c1e49cd3e9 Updated to 5.7.2 with CVE-2018-5388 patch
2019-03-15 18:07:26 +03:00

15 lines
641 B
Diff
Raw Blame History

diff -Naur strongswan-5.6.2-orig/src/libcharon/plugins/stroke/stroke_socket.c strongswan-5.6.2/src/libcharon/plugins/stroke/stroke_socket.c
--- strongswan-5.6.2-orig/src/libcharon/plugins/stroke/stroke_socket.c 2017-11-09 10:57:30.000000000 -0500
+++ strongswan-5.6.2/src/libcharon/plugins/stroke/stroke_socket.c 2018-05-24 00:00:32.382953618 -0400
@@ -628,6 +628,11 @@
return FALSE;
}
+ if (len < offsetof(stroke_msg_t, buffer))
+ {
+ DBG1(DBG_CFG, "invalid stroke message length %d", len);
+ return FALSE;
+ }
/* read message (we need an additional byte to terminate the buffer) */
msg = malloc(len + 1);
msg->length = len;
Reference in a new issue View git blame Copy permalink