PKGBUILDs/community/strongswan/cve_2018_5388.patch
2018-05-26 23:32:35 +00:00

25 lines
879 B
Diff

From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 13 Mar 2018 17:54:08 +0000 (+0100)
Subject: stroke: Ensure a minimum message length
X-Git-Tag: 5.6.3dr1~28
X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=0acd1ab4
stroke: Ensure a minimum message length
---
diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c
index c568440..1e7f210 100644
--- a/src/libcharon/plugins/stroke/stroke_socket.c
+++ b/src/libcharon/plugins/stroke/stroke_socket.c
@@ -627,6 +627,11 @@ static bool on_accept(private_stroke_socket_t *this, stream_t *stream)
}
return FALSE;
}
+ if (len < offsetof(stroke_msg_t, buffer))
+ {
+ DBG1(DBG_CFG, "invalid stroke message length %d", len);
+ return FALSE;
+ }
/* read message (we need an additional byte to terminate the buffer) */
msg = malloc(len + 1);