diff options
Diffstat (limited to 'main/gnutls/CVE-2011-4128.patch')
-rw-r--r-- | main/gnutls/CVE-2011-4128.patch | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/main/gnutls/CVE-2011-4128.patch b/main/gnutls/CVE-2011-4128.patch new file mode 100644 index 00000000000..2e9c5f88a9a --- /dev/null +++ b/main/gnutls/CVE-2011-4128.patch @@ -0,0 +1,24 @@ +Description: Check buffer size passed in from caller prior to overwriting it +Origin: upstream, http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=190cef6eed37d0e73a73c1e205eb31d45ab60a3c +Origin: upstream, http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=e82ef4545e9e98cbcb032f55d7c750b81e3a0450 + +Index: gnutls26-2.10.5/lib/gnutls_session.c +=================================================================== +--- gnutls26-2.10.5.orig/lib/gnutls_session.c 2010-08-01 15:37:30.000000000 -0500 ++++ gnutls26-2.10.5/lib/gnutls_session.c 2012-04-04 03:25:20.382796666 -0500 +@@ -65,13 +65,14 @@ + gnutls_assert (); + return ret; + } +- *session_data_size = psession.size; + + if (psession.size > *session_data_size) + { ++ *session_data_size = psession.size; + ret = GNUTLS_E_SHORT_MEMORY_BUFFER; + goto error; + } ++ *session_data_size = psession.size; + + if (session_data != NULL) + memcpy (session_data, psession.data, psession.size); |