diff options
| author |   Allen-Webb <allenwebb@google.com> | 2020-04-01 09:44:02 -0500 |
|---|---|---|
| committer |   Patrick McLean <chutzpah@gentoo.org> | 2020-04-01 10:19:21 -0700 |
| commit | 5d2cde891f94eed8019bde4deb0612af08cb0d30 (patch) | |
| tree | dcc862ba163095862d2c89a674bdd5256c2c53ee /net-dns/dnsmasq | |
| parent | dev-libs/yaml-cpp: New package (diff) | |
| download | gentoo-5d2cde891f94eed8019bde4deb0612af08cb0d30.tar.gz gentoo-5d2cde891f94eed8019bde4deb0612af08cb0d30.tar.bz2 gentoo-5d2cde891f94eed8019bde4deb0612af08cb0d30.zip | |
net-dns/dnsmasq-2.80-r2: Revbump, fix CVE-2019-14834
Bug: https://bugs.gentoo.org/715764
Signed-off-by: Allen-Webb <allenwebb@google.com>
Closes: https://github.com/gentoo/gentoo/pull/15197
Signed-off-by: Patrick McLean <chutzpah@gentoo.org>
Diffstat (limited to 'net-dns/dnsmasq')
| -rw-r--r-- | net-dns/dnsmasq/dnsmasq-2.80-r2.ebuild (renamed from net-dns/dnsmasq/dnsmasq-2.80-r1.ebuild) | 1 | ||||
| -rw-r--r-- | net-dns/dnsmasq/files/dnsmasq-2.80-cve-2019-14834.patch | 39 |
2 files changed, 40 insertions, 0 deletions
diff --git a/net-dns/dnsmasq/dnsmasq-2.80-r1.ebuild b/net-dns/dnsmasq/dnsmasq-2.80-r2.ebuild index ba0e02d67311..42e58c51d0ba 100644 --- a/net-dns/dnsmasq/dnsmasq-2.80-r1.ebuild +++ b/net-dns/dnsmasq/dnsmasq-2.80-r2.ebuild @@ -56,6 +56,7 @@ REQUIRED_USE="dhcp-tools? ( dhcp ) PATCHES=( "${FILESDIR}/dnsmasq-2.80-nettle-3.5.patch" "${FILESDIR}/dnsmasq-2.80-linux-headers-5.2.patch" + "${FILESDIR}/dnsmasq-2.80-cve-2019-14834.patch" ) use_have() { diff --git a/net-dns/dnsmasq/files/dnsmasq-2.80-cve-2019-14834.patch b/net-dns/dnsmasq/files/dnsmasq-2.80-cve-2019-14834.patch new file mode 100644 index 000000000000..a44ceabece71 --- /dev/null +++ b/net-dns/dnsmasq/files/dnsmasq-2.80-cve-2019-14834.patch @@ -0,0 +1,39 @@ +Fix memory leak in helper.c + +Thanks to Xu Mingjie <xumingjie1995@outlook.com> for spotting this. + +author: Simon Kelley <simon@thekelleys.org.uk> +commit-url: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=69bc94779c2f035a9fffdb5327a54c3aeca73ed5 +diff --git a/src/helper.c b/src/helper.c +index 33ba120..c392eec 100644 (file) +--- a/src/helper.c ++++ b/src/helper.c +@@ -80,7 +80,8 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) + pid_t pid; + int i, pipefd[2]; + struct sigaction sigact; +- ++ unsigned char *alloc_buff = NULL; ++ + /* create the pipe through which the main program sends us commands, + then fork our process. */ + if (pipe(pipefd) == -1 || !fix_fd(pipefd[1]) || (pid = fork()) == -1) +@@ -186,11 +187,16 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd) + struct script_data data; + char *p, *action_str, *hostname = NULL, *domain = NULL; + unsigned char *buf = (unsigned char *)daemon->namebuff; +- unsigned char *end, *extradata, *alloc_buff = NULL; ++ unsigned char *end, *extradata; + int is6, err = 0; + int pipeout[2]; + +- free(alloc_buff); ++ /* Free rarely-allocated memory from previous iteration. */ ++ if (alloc_buff) ++ { ++ free(alloc_buff); ++ alloc_buff = NULL; ++ } + + /* we read zero bytes when pipe closed: this is our signal to exit */ + if (!read_write(pipefd[0], (unsigned char *)&data, sizeof(data), 1)) |