miniupnpc: security fix for CVE-2015-6031
This commit is contained in:
Jürgen Buchmüller
parent
270cfddc1e
commit
82f4404c9e
16
srcpkgs/miniupnpc/patches/security-CVE-2015-6031.patch
Normal file
16
srcpkgs/miniupnpc/patches/security-CVE-2015-6031.patch
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
This patch is equivalent to the original git commit
|
||||||
|
https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
|
||||||
|
|
||||||
|
The released version with this fix contains a so revbump.
|
||||||
|
|
||||||
|
--- igd_desc_parse.c 2011-04-11 11:19:37.000000000 +0200
|
||||||
|
+++ igd_desc_parse.c 2015-10-25 14:53:40.348424486 +0100
|
||||||
|
@@ -15,6 +15,8 @@
|
||||||
|
void IGDstartelt(void * d, const char * name, int l)
|
||||||
|
{
|
||||||
|
struct IGDdatas * datas = (struct IGDdatas *)d;
|
||||||
|
+ if (l >= MINIUPNPC_URL_MAXSIZE)
|
||||||
|
+ l = MINIUPNPC_URL_MAXSIZE-1;
|
||||||
|
memcpy( datas->cureltname, name, l);
|
||||||
|
datas->cureltname[l] = '\0';
|
||||||
|
datas->level++;
|
||||||
@ -1,7 +1,7 @@
|
|||||||
# Template file for 'miniupnpc'
|
# Template file for 'miniupnpc'
|
||||||
pkgname=miniupnpc
|
pkgname=miniupnpc
|
||||||
version=1.9
|
version=1.9
|
||||||
revision=2
|
revision=3
|
||||||
short_desc="A small UPnP client library/tool to access Internet Gateway Devices"
|
short_desc="A small UPnP client library/tool to access Internet Gateway Devices"
|
||||||
maintainer="Juan RP <xtraeme@voidlinux.eu>"
|
maintainer="Juan RP <xtraeme@voidlinux.eu>"
|
||||||
homepage="http://miniupnp.free.fr"
|
homepage="http://miniupnp.free.fr"
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user