PKGBUILDs/community/strongswan/cve_2018_5388.patch

From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 13 Mar 2018 17:54:08 +0000 (+0100)
Subject: stroke: Ensure a minimum message length
X-Git-Tag: 5.6.3dr1~28
X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=0acd1ab4

stroke: Ensure a minimum message length
---

diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c
index c568440..1e7f210 100644
--- a/src/libcharon/plugins/stroke/stroke_socket.c
+++ b/src/libcharon/plugins/stroke/stroke_socket.c
@@ -627,6 +627,11 @@ static bool on_accept(private_stroke_socket_t *this, stream_t *stream)
 		}
 		return FALSE;
 	}
+	if (len < offsetof(stroke_msg_t, buffer))
+	{
+		DBG1(DBG_CFG, "invalid stroke message length %d", len);
+		return FALSE;
+	}
 
 	/* read message (we need an additional byte to terminate the buffer) */
 	msg = malloc(len + 1);
community/strongswan to 5.6.2-2 2018-05-26 23:32:35 +00:00			`From: Tobias Brunner <tobias@strongswan.org>`
			`Date: Tue, 13 Mar 2018 17:54:08 +0000 (+0100)`
			`Subject: stroke: Ensure a minimum message length`
			`X-Git-Tag: 5.6.3dr1~28`
			`X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=0acd1ab4`

			`stroke: Ensure a minimum message length`
			`---`

			`diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c`
			`index c568440..1e7f210 100644`
			`--- a/src/libcharon/plugins/stroke/stroke_socket.c`
			`+++ b/src/libcharon/plugins/stroke/stroke_socket.c`
			`@@ -627,6 +627,11 @@ static bool on_accept(private_stroke_socket_t this, stream_t stream)`
			`}`
			`return FALSE;`
			`}`
			`+ if (len < offsetof(stroke_msg_t, buffer))`
			`+ {`
			`+ DBG1(DBG_CFG, "invalid stroke message length %d", len);`
			`+ return FALSE;`
			`+ }`

			`/* read message (we need an additional byte to terminate the buffer) */`
			`msg = malloc(len + 1);`