diff options
Diffstat (limited to 'main/ldns/CVE-2017-1000232.patch')
| -rw-r--r-- | main/ldns/CVE-2017-1000232.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/main/ldns/CVE-2017-1000232.patch b/main/ldns/CVE-2017-1000232.patch new file mode 100644 index 0000000000..d36738ca22 --- /dev/null +++ b/main/ldns/CVE-2017-1000232.patch @@ -0,0 +1,27 @@ +From f5bae2bf02aa0d8a38e02e14f27e3c4dee15077d Mon Sep 17 00:00:00 2001 +From: Willem Toorop <willem@nlnetlabs.nl> +Date: Thu, 27 Apr 2017 00:25:20 +0200 +Subject: [PATCH] bugfix #1257: Free after reallocing to 0 size + +Thanks Stephan Zeisberg +--- + str2host.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/str2host.c b/str2host.c +index c396f547..c3afba1d 100644 +--- a/str2host.c ++++ b/str2host.c +@@ -1496,8 +1496,10 @@ ldns_str2rdf_long_str(ldns_rdf **rd, const char *str) + if (! str) { + return LDNS_STATUS_SYNTAX_BAD_ESCAPE; + } +- length = (size_t)(dp - data); +- ++ if (!(length = (size_t)(dp - data))) { ++ LDNS_FREE(data); ++ return LDNS_STATUS_SYNTAX_EMPTY; ++ } + /* Lose the overmeasure */ + data = LDNS_XREALLOC(dp = data, uint8_t, length); + if (! data) { |