42 lines
1.1 KiB
Diff
42 lines
1.1 KiB
Diff
Fix CVE-2017-7376:
|
|
|
|
https://bugzilla.gnome.org/show_bug.cgi?id=780690 (not yet public)
|
|
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
|
|
https://security-tracker.debian.org/tracker/CVE-2017-7376
|
|
|
|
Patch copied from upstream source repository:
|
|
|
|
https://git.gnome.org/browse/libxml2/commit/?id=5dca9eea1bd4263bfa4d037ab2443de1cd730f7e
|
|
|
|
From 5dca9eea1bd4263bfa4d037ab2443de1cd730f7e Mon Sep 17 00:00:00 2001
|
|
From: Daniel Veillard <veillard@redhat.com>
|
|
Date: Fri, 7 Apr 2017 17:13:28 +0200
|
|
Subject: [PATCH] Increase buffer space for port in HTTP redirect support
|
|
|
|
For https://bugzilla.gnome.org/show_bug.cgi?id=780690
|
|
|
|
nanohttp.c: the code wrongly assumed a short int port value.
|
|
---
|
|
nanohttp.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/nanohttp.c b/nanohttp.c
|
|
index e109ad75..373425de 100644
|
|
--- a/nanohttp.c
|
|
+++ b/nanohttp.c
|
|
@@ -1423,9 +1423,9 @@ retry:
|
|
if (ctxt->port != 80) {
|
|
/* reserve space for ':xxxxx', incl. potential proxy */
|
|
if (proxy)
|
|
- blen += 12;
|
|
+ blen += 17;
|
|
else
|
|
- blen += 6;
|
|
+ blen += 11;
|
|
}
|
|
bp = (char*)xmlMallocAtomic(blen);
|
|
if ( bp == NULL ) {
|
|
--
|
|
2.14.1
|
|
|