void-packages/srcpkgs/miniupnpc/patches/security-CVE-2015-6031.patch

17 lines
589 B
Diff

This patch is equivalent to the original git commit
https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
The released version with this fix contains a so revbump.
--- igd_desc_parse.c 2011-04-11 11:19:37.000000000 +0200
+++ igd_desc_parse.c 2015-10-25 14:53:40.348424486 +0100
@@ -15,6 +15,8 @@
void IGDstartelt(void * d, const char * name, int l)
{
struct IGDdatas * datas = (struct IGDdatas *)d;
+ if (l >= MINIUPNPC_URL_MAXSIZE)
+ l = MINIUPNPC_URL_MAXSIZE-1;
memcpy( datas->cureltname, name, l);
datas->cureltname[l] = '\0';
datas->level++;