gentoo resync : 14.07.2018

author: V3n3RiX <venerix@redcorelinux.org> 2018-07-14 20:58:29 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2018-07-14 20:58:29 +0100
commit: 0cf2f20608308acdf3cb922c3736446bbd8f3388 (patch)
tree: 07815070629c7c11000a7f51ceb8ccbccb49a809 /games-action/0verkill/files/0verkill-0.16-underflow-check.patch
parent: 1798c4aeca70ac8d0a243684d6a798fbc65735f8 (diff)
1 files changed, 0 insertions, 17 deletions
diff --git a/games-action/0verkill/files/0verkill-0.16-underflow-check.patch b/games-action/0verkill/files/0verkill-0.16-underflow-check.patch
deleted file mode 100644
index d0af396deafd..000000000000
--- a/games-action/0verkill/files/0verkill-0.16-underflow-check.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-The vulnerability is cause due to an integer underflow error in "recv_packet()"
-within the handling of a received UDP packet. This can be exploited to cause
-out-of-bounds memory access which crashes the server process via a UDP packet
-that is smaller than 12 bytes in size.
-
-http://bugs.gentoo.org/136222
-
---- 0verkill-0.16/net.c
-+++ 0verkill-0.16/net.c
-@@ -84,6 +84,7 @@
- 	p=mem_alloc(max_len+12);
- 	if (!p)return -1;  /* not enough memory */
- 	retval=recvfrom(fd,p,max_len+12,0,addr,addr_len);
-+	if (retval<12)return -1; /* not enough data from network */
- 	memcpy(packet,p+12,max_len);
- 	crc=p[0]+(p[1]<<8)+(p[2]<<16)+(p[3]<<24);
- 	s=p[4]+(p[5]<<8)+(p[6]<<16)+(p[7]<<24);
author	V3n3RiX <venerix@redcorelinux.org>	2018-07-14 20:58:29 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2018-07-14 20:58:29 +0100
commit	0cf2f20608308acdf3cb922c3736446bbd8f3388 (patch)
tree	07815070629c7c11000a7f51ceb8ccbccb49a809 /games-action/0verkill/files/0verkill-0.16-underflow-check.patch
parent	1798c4aeca70ac8d0a243684d6a798fbc65735f8 (diff)