libsasl: fix CVE-2019-19906
This commit is contained in:
Michal Vasilek
Érico Nogueira Rolim
parent
9132c7f292
commit
aa162d7300
2 changed files with 16 additions and 1 deletions
15
srcpkgs/libsasl/patches/CVE-2019-19906.patch
Normal file
15
srcpkgs/libsasl/patches/CVE-2019-19906.patch
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
https://github.com/cyrusimap/cyrus-sasl/issues/587
|
||||
|
||||
diff --git a/lib/common.c b/lib/common.c
|
||||
index bc3bf1df..9969d6aa 100644
|
||||
--- a/lib/common.c
|
||||
+++ b/lib/common.c
|
||||
@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t *alloclen,
|
||||
|
||||
if (add==NULL) add = "(null)";
|
||||
|
||||
- addlen=strlen(add); /* only compute once */
|
||||
+ addlen=strlen(add)+1; /* only compute once */
|
||||
if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK)
|
||||
return SASL_NOMEM;
|
||||
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
# Template file for 'libsasl'
|
||||
pkgname=libsasl
|
||||
version=2.1.27
|
||||
revision=1
|
||||
revision=2
|
||||
wrksrc="cyrus-sasl-${version}"
|
||||
build_style=gnu-configure
|
||||
configure_args="--enable-cram --enable-digest --enable-auth-sasldb
|
||||
|
|
|
|||
Loading…
Reference in a new issue