miniupnpc: security fix for CVE-2015-6031
This commit is contained in:
Jürgen Buchmüller
parent
270cfddc1e
commit
82f4404c9e
2 changed files with 17 additions and 1 deletions
16
srcpkgs/miniupnpc/patches/security-CVE-2015-6031.patch
Normal file
16
srcpkgs/miniupnpc/patches/security-CVE-2015-6031.patch
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
This patch is equivalent to the original git commit
|
||||
https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
|
||||
|
||||
The released version with this fix contains a so revbump.
|
||||
|
||||
--- igd_desc_parse.c 2011-04-11 11:19:37.000000000 +0200
|
||||
+++ igd_desc_parse.c 2015-10-25 14:53:40.348424486 +0100
|
||||
@@ -15,6 +15,8 @@
|
||||
void IGDstartelt(void * d, const char * name, int l)
|
||||
{
|
||||
struct IGDdatas * datas = (struct IGDdatas *)d;
|
||||
+ if (l >= MINIUPNPC_URL_MAXSIZE)
|
||||
+ l = MINIUPNPC_URL_MAXSIZE-1;
|
||||
memcpy( datas->cureltname, name, l);
|
||||
datas->cureltname[l] = '\0';
|
||||
datas->level++;
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
# Template file for 'miniupnpc'
|
||||
pkgname=miniupnpc
|
||||
version=1.9
|
||||
revision=2
|
||||
revision=3
|
||||
short_desc="A small UPnP client library/tool to access Internet Gateway Devices"
|
||||
maintainer="Juan RP <xtraeme@voidlinux.eu>"
|
||||
homepage="http://miniupnp.free.fr"
|
||||
|
|
|
|||
Loading…
Reference in a new issue