gnutls: patch for CVE-2014-3466 backported
Backported patch for CVE-2014-3466. This patch is for dora. (From OE-Core rev: 68da848e0f7f026bf18707d8d59143177ff66f9b) Signed-off-by: Valentin Popa <valentin.popa@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
c7432a006e
commit
ad2c79b0fd
|
@ -0,0 +1,30 @@
|
|||
From fcf3745f1d03c4a97e87ef4341269c645fdda787 Mon Sep 17 00:00:00 2001
|
||||
From: Valentin Popa <valentin.popa@intel.com>
|
||||
Date: Thu, 5 Jun 2014 11:50:11 +0300
|
||||
Subject: [PATCH] CVE-2014-3466
|
||||
|
||||
Prevent memory corruption due to server hello parsing.
|
||||
|
||||
Upstream-Status: Backport
|
||||
|
||||
Signed-off-by: Valentin Popa <valentin.popa@intel.com>
|
||||
---
|
||||
lib/gnutls_handshake.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
|
||||
index e4a63e4..e652528 100644
|
||||
--- a/lib/gnutls_handshake.c
|
||||
+++ b/lib/gnutls_handshake.c
|
||||
@@ -1797,7 +1797,7 @@ _gnutls_read_server_hello (gnutls_session_t session,
|
||||
DECR_LEN (len, 1);
|
||||
session_id_len = data[pos++];
|
||||
|
||||
- if (len < session_id_len)
|
||||
+ if (len < session_id_len || session_id_len > TLS_MAX_SESSION_ID_SIZE)
|
||||
{
|
||||
gnutls_assert ();
|
||||
return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
|
||||
--
|
||||
1.9.1
|
||||
|
|
@ -8,6 +8,7 @@ SRC_URI += "file://gnutls-openssl.patch \
|
|||
file://avoid_AM_PROG_MKDIR_P_warning_error_with_automake_1.12.patch \
|
||||
file://CVE-2014-1959-rejection-of-v1-intermediate-cert.patch \
|
||||
file://CVE-2014-0092-corrected-return-codes.patch \
|
||||
file://CVE-2014-3466.patch \
|
||||
file://25_updatedgdocfrommaster.diff \
|
||||
${@['', 'file://fix-gettext-version.patch'][bb.data.inherits_class('native', d) or (not ((d.getVar("INCOMPATIBLE_LICENSE", True) or "").find("GPLv3") != -1))]} \
|
||||
"
|
||||
|
|
Loading…
Reference in New Issue