diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 20:58:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 20:58:29 +0100 |
commit | 0cf2f20608308acdf3cb922c3736446bbd8f3388 (patch) | |
tree | 07815070629c7c11000a7f51ceb8ccbccb49a809 /games-action/0verkill/files/0verkill-0.16-underflow-check.patch | |
parent | 1798c4aeca70ac8d0a243684d6a798fbc65735f8 (diff) |
gentoo resync : 14.07.2018
Diffstat (limited to 'games-action/0verkill/files/0verkill-0.16-underflow-check.patch')
-rw-r--r-- | games-action/0verkill/files/0verkill-0.16-underflow-check.patch | 17 |
1 files changed, 0 insertions, 17 deletions
diff --git a/games-action/0verkill/files/0verkill-0.16-underflow-check.patch b/games-action/0verkill/files/0verkill-0.16-underflow-check.patch deleted file mode 100644 index d0af396deafd..000000000000 --- a/games-action/0verkill/files/0verkill-0.16-underflow-check.patch +++ /dev/null @@ -1,17 +0,0 @@ -The vulnerability is cause due to an integer underflow error in "recv_packet()" -within the handling of a received UDP packet. This can be exploited to cause -out-of-bounds memory access which crashes the server process via a UDP packet -that is smaller than 12 bytes in size. - -http://bugs.gentoo.org/136222 - ---- 0verkill-0.16/net.c -+++ 0verkill-0.16/net.c -@@ -84,6 +84,7 @@ - p=mem_alloc(max_len+12); - if (!p)return -1; /* not enough memory */ - retval=recvfrom(fd,p,max_len+12,0,addr,addr_len); -+ if (retval<12)return -1; /* not enough data from network */ - memcpy(packet,p+12,max_len); - crc=p[0]+(p[1]<<8)+(p[2]<<16)+(p[3]<<24); - s=p[4]+(p[5]<<8)+(p[6]<<16)+(p[7]<<24); |