45 lines
1.2 KiB
Diff
45 lines
1.2 KiB
Diff
From f87d8c7721dd6ca2e1e94342fa5688e58fb0af15 Mon Sep 17 00:00:00 2001
|
|
From: Vaclav Dolezal <vdolezal@redhat.com>
|
|
Date: Wed, 12 Feb 2020 15:20:32 +0100
|
|
Subject: [PATCH] Partial fix for CVE-2020-5208
|
|
|
|
replacement for patch:
|
|
9452be8 channel: Fix buffer overflow
|
|
|
|
Signed-off-by: Vaclav Dolezal <vdolezal@redhat.com>
|
|
---
|
|
lib/ipmi_channel.c | 10 ++++++++++
|
|
1 file changed, 10 insertions(+)
|
|
|
|
diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c
|
|
index e1fc75f..81ae82e 100644
|
|
--- a/lib/ipmi_channel.c
|
|
+++ b/lib/ipmi_channel.c
|
|
@@ -383,6 +383,11 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type,
|
|
val2str(rsp->ccode, completion_code_vals));
|
|
return -1;
|
|
}
|
|
+ if (rsp->data_len > 17) {
|
|
+ lprintf(LOG_ERR, "Get Channel Cipher Suites failed - "
|
|
+ "received invalid data");
|
|
+ return -1;
|
|
+ }
|
|
|
|
|
|
/*
|
|
@@ -418,6 +423,11 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type,
|
|
val2str(rsp->ccode, completion_code_vals));
|
|
return -1;
|
|
}
|
|
+ if (rsp->data_len > 17) {
|
|
+ lprintf(LOG_ERR, "Get Channel Cipher Suites failed - "
|
|
+ "received invalid data");
|
|
+ return -1;
|
|
+ }
|
|
}
|
|
|
|
/* Copy last chunk */
|
|
--
|
|
2.20.1
|
|
|