From ab1c8dcbd6898c70ba5c4b4443931a668eaee196 Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Mon, 24 Feb 2014 15:27:57 +0000
Subject: main/python: security fix for CVE-2014-1912

fixes #2713
---
 main/python/recvfrom_into_buffer_overflow_2.7.patch | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 main/python/recvfrom_into_buffer_overflow_2.7.patch

(limited to 'main/python/recvfrom_into_buffer_overflow_2.7.patch')

diff --git a/main/python/recvfrom_into_buffer_overflow_2.7.patch b/main/python/recvfrom_into_buffer_overflow_2.7.patch
new file mode 100644
index 0000000000..37e786bd3a
--- /dev/null
+++ b/main/python/recvfrom_into_buffer_overflow_2.7.patch
@@ -0,0 +1,17 @@
+diff -r 40fb60df4755 Modules/socketmodule.c
+--- a/Modules/socketmodule.c	Sun Jan 12 12:11:47 2014 +0200
++++ b/Modules/socketmodule.c	Mon Jan 13 16:36:35 2014 -0800
+@@ -2744,6 +2744,13 @@
+         recvlen = buflen;
+     }
+ 
++    /* Check if the buffer is large enough */
++    if (buflen < recvlen) {
++        PyErr_SetString(PyExc_ValueError,
++                        "buffer too small for requested bytes");
++        goto error;
++    }
++
+     readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr);
+     if (readlen < 0) {
+         /* Return an error */
-- 
cgit v1.2.3