forked from rpms/iperf3
Fixes CVE-2023-38403
Signed-off-by: Jonathan Wright <jonathan@almalinux.org>
This commit is contained in:
parent
56555fce80
commit
ea752ff12e
45
SOURCES/cve-2023-38403.patch
Normal file
45
SOURCES/cve-2023-38403.patch
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
From 41f5129d402bcd14ec4d2cde875203ab51076352 Mon Sep 17 00:00:00 2001
|
||||||
|
From: "Bruce A. Mah" <bmah@es.net>
|
||||||
|
Date: Fri, 7 Jul 2023 11:03:43 -0700
|
||||||
|
Subject: [PATCH] Fix memory allocation hazard (#1542).
|
||||||
|
|
||||||
|
Reported by: @someusername123 on GitHub
|
||||||
|
---
|
||||||
|
src/iperf_api.c | 9 ++++++++-
|
||||||
|
1 file changed, 8 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/iperf_api.c b/src/iperf_api.c
|
||||||
|
index f2d416214..a95e02418 100644
|
||||||
|
--- a/src/iperf_api.c
|
||||||
|
+++ b/src/iperf_api.c
|
||||||
|
@@ -2670,6 +2670,7 @@ static cJSON *
|
||||||
|
JSON_read(int fd)
|
||||||
|
{
|
||||||
|
uint32_t hsize, nsize;
|
||||||
|
+ size_t strsize;
|
||||||
|
char *str;
|
||||||
|
cJSON *json = NULL;
|
||||||
|
int rc;
|
||||||
|
@@ -2682,7 +2683,9 @@ JSON_read(int fd)
|
||||||
|
if (Nread(fd, (char*) &nsize, sizeof(nsize), Ptcp) >= 0) {
|
||||||
|
hsize = ntohl(nsize);
|
||||||
|
/* Allocate a buffer to hold the JSON */
|
||||||
|
- str = (char *) calloc(sizeof(char), hsize+1); /* +1 for trailing null */
|
||||||
|
+ strsize = hsize + 1; /* +1 for trailing NULL */
|
||||||
|
+ if (strsize) {
|
||||||
|
+ str = (char *) calloc(sizeof(char), strsize);
|
||||||
|
if (str != NULL) {
|
||||||
|
rc = Nread(fd, str, hsize, Ptcp);
|
||||||
|
if (rc >= 0) {
|
||||||
|
@@ -2701,6 +2704,10 @@ JSON_read(int fd)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
free(str);
|
||||||
|
+ }
|
||||||
|
+ else {
|
||||||
|
+ printf("WARNING: Data length overflow\n");
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
return json;
|
||||||
|
}
|
||||||
|
|
@ -1,6 +1,6 @@
|
|||||||
Name: iperf3
|
Name: iperf3
|
||||||
Version: 3.5
|
Version: 3.5
|
||||||
Release: 6%{?dist}
|
Release: 6%{?dist}.1.alma
|
||||||
Summary: Measurement tool for TCP/UDP bandwidth performance
|
Summary: Measurement tool for TCP/UDP bandwidth performance
|
||||||
|
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
@ -13,6 +13,7 @@ BuildRequires: openssl-devel
|
|||||||
|
|
||||||
Patch0002: 0002-udp-counters-manpage.patch
|
Patch0002: 0002-udp-counters-manpage.patch
|
||||||
Patch0003: 0003-covscan-sctp.patch
|
Patch0003: 0003-covscan-sctp.patch
|
||||||
|
Patch0004: cve-2023-38403.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Iperf is a tool to measure maximum TCP bandwidth, allowing the tuning of
|
Iperf is a tool to measure maximum TCP bandwidth, allowing the tuning of
|
||||||
@ -60,6 +61,9 @@ rm -f %{buildroot}%{_libdir}/libiperf.la
|
|||||||
%{_libdir}/*.so
|
%{_libdir}/*.so
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Jul 18 2023 Jonathan Wright <jonathan@almalinux.org> - 3.5-7.1.alma
|
||||||
|
- Fixes CVE-2023-38403
|
||||||
|
|
||||||
* Tue May 05 2020 Michal Ruprich <michalruprich@gmail.com> - 3.5-6
|
* Tue May 05 2020 Michal Ruprich <michalruprich@gmail.com> - 3.5-6
|
||||||
- Related: #1665142 - Fixing a couple of covscan issues
|
- Related: #1665142 - Fixing a couple of covscan issues
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user