Code Review / packages / trusty / cirros-testvm.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
The cirros image was rebuilt against the 3.13.0-83 kernel, drivers e1000e, igbvf...
[packages/trusty/cirros-testvm.git] / cirros-testvm / src-cirros / buildroot-2015.05 / package / tcpdump / 0003-fix-CVE-2014-8768.patch
diff --git a/cirros-testvm/src-cirros/buildroot-2015.05/package/tcpdump/0003-fix-CVE-2014-8768.patch b/cirros-testvm/src-cirros/buildroot-2015.05/package/tcpdump/0003-fix-CVE-2014-8768.patch
new file mode 100644 (file)
index 0000000..a8b82cf
--- /dev/null
+++ b/cirros-testvm/src-cirros/buildroot-2015.05/package/tcpdump/0003-fix-CVE-2014-8768.patch
@@ -0,0 +1,19 @@
+From https://bugzilla.redhat.com/show_bug.cgi?id=1165161
+
+Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
+
+--- tcpdump-tcpdump_4.5/print-geonet.c 2014-02-17 05:58:41.000000000 +0700
++++ print-geonet.c     2014-11-21 10:06:58.590217933 +0700
+@@ -237,6 +237,12 @@
+               printf("Malformed (small) ");
+       }
++      /* Checking length before print */
++      u_int caplength;
++      caplength = (ndo->ndo_snapend >= bp) ? ndo->ndo_snapend - bp : 0;
++      if (length > caplength)
++              length = caplength;
++
+       /* Print user data part */
+       if (ndo->ndo_vflag)
+               default_print(bp, length);