Resolves: RHEL-26529 - Out of bounds read in ares__read_line() [rhel-9]

Resolves: rhbz#2209564 - CVE-2023-31124 c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation [rhel-9]
Resolves: rhbz#2209556 - CVE-2023-31130 c-ares: Buffer Underwrite in ares_inet_net_pton() [rhel-9] Resolves: rhbz#2209550 - CVE-2023-31147 c-ares: Insufficient randomness in generation of DNS query IDs [rhel-9] Resolves: rhbz#2209520 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service [rhel-9.3.0] Resolves: rhbz#2210370 - Rebase c-ares for RHEL 9.3
2024-03-12 01:17:05 +00:00 · 2023-05-27 17:26:19 +02:00
2 changed files with 38 additions and 1 deletions
--- a/0002-Merge-pull-request-from-GHSA-mg26-v6qh-x48q.patch
+++ b/0002-Merge-pull-request-from-GHSA-mg26-v6qh-x48q.patch
@ -0,0 +1,33 @@
+From a59618566446044c1fa7f35ed349a273c48176fb Mon Sep 17 00:00:00 2001
+From: Alexey Tikhonov <atikhono@redhat.com>
+Date: Mon, 11 Mar 2024 20:46:09 +0100
+Subject: [PATCH] Merge pull request from GHSA-mg26-v6qh-x48q
+
+Backported from
+https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183
+---
+ src/lib/ares__read_line.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/lib/ares__read_line.c b/src/lib/ares__read_line.c
+index c62ad2a..d6625a3 100644
+--- a/src/lib/ares__read_line.c
+++ b/src/lib/ares__read_line.c
+@@ -49,6 +49,14 @@ int ares__read_line(FILE *fp, char **buf, size_t *bufsize)
+       if (!fgets(*buf + offset, bytestoread, fp))
+         return (offset != 0) ? 0 : (ferror(fp)) ? ARES_EFILE : ARES_EOF;
+       len = offset + strlen(*buf + offset);
+
+      /* Probably means there was an embedded NULL as the first character in
+       * the line, throw away line */
+      if (len == 0) {
+        offset = 0;
+        continue;
+      }
+
+       if ((*buf)[len - 1] == '\n')
+         {
+           (*buf)[len - 1] = 0;
+-- 
+2.42.0
+
--- a/c-ares.spec
+++ b/c-ares.spec
@ -3,13 +3,14 @@
 Summary: A library that performs asynchronous DNS operations
 Name: c-ares
 Version: 1.19.1
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: MIT
 URL: http://c-ares.org/
 Source0: http://c-ares.org/download/%{name}-%{version}.tar.gz
 # The license can be obtained at http://c-ares.haxx.se/license.html
 Source1: LICENSE
 Patch0: 0001-Use-RPM-compiler-options.patch
+Patch1: 0002-Merge-pull-request-from-GHSA-mg26-v6qh-x48q.patch

 BuildRequires: gcc
 %if %{use_cmake}
@ -84,6 +85,9 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libcares.la
 %{_mandir}/man3/ares_*

 %changelog
+* Mon Mar 11 2024 Alexey Tikhonov <atikhono@redhat.com> - 1.19.1-2
+- Resolves: RHEL-26529 - Out of bounds read in ares__read_line() [rhel-9]
+
 * Fri May 26 2023 Alexey Tikhonov <atikhono@redhat.com> - 1.19.1-1
 - Resolves: rhbz#2209564 - CVE-2023-31124 c-ares: AutoTools does not set CARES_RANDOM_FILE during cross compilation [rhel-9]
 - Resolves: rhbz#2209556 - CVE-2023-31130 c-ares: Buffer Underwrite in ares_inet_net_pton() [rhel-9]