Fix patch
This commit is contained in:
parent
f06aedf357
commit
cfc4155361
|
@ -1,7 +1,7 @@
|
||||||
From 8b4f4666fa8312eede8107c4690348f9b79b2292 Mon Sep 17 00:00:00 2001
|
From 47c90e4cf813a0a38a1415936bf40b38ffdf4ce5 Mon Sep 17 00:00:00 2001
|
||||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||||
Date: Sun, 18 Jun 2017 16:07:57 -0400
|
Date: Sun, 18 Jun 2017 16:07:57 -0400
|
||||||
Subject: [PATCH] resolved: simplify alloc size calculation
|
Subject: [PATCH 57/58] resolved: simplify alloc size calculation
|
||||||
|
|
||||||
The allocation size was calculated in a complicated way, and for values
|
The allocation size was calculated in a complicated way, and for values
|
||||||
close to the page size we would actually allocate less than requested.
|
close to the page size we would actually allocate less than requested.
|
||||||
|
@ -9,16 +9,18 @@ close to the page size we would actually allocate less than requested.
|
||||||
Reported by Chris Coulson <chris.coulson@canonical.com>.
|
Reported by Chris Coulson <chris.coulson@canonical.com>.
|
||||||
|
|
||||||
CVE-2017-9445
|
CVE-2017-9445
|
||||||
|
|
||||||
|
(cherry picked from commit e3abee3dee32ae7cd8e937e44ace94ab7f45ede9)
|
||||||
---
|
---
|
||||||
src/resolve/resolved-dns-packet.c | 8 +-------
|
src/resolve/resolved-dns-packet.c | 8 +-------
|
||||||
src/resolve/resolved-dns-packet.h | 2 --
|
src/resolve/resolved-dns-packet.h | 2 --
|
||||||
2 files changed, 1 insertion(+), 9 deletions(-)
|
2 files changed, 1 insertion(+), 9 deletions(-)
|
||||||
|
|
||||||
diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
|
diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
|
||||||
index 8b620cb6a8..7262a50eee 100644
|
index e57f157e00..c076003012 100644
|
||||||
--- a/src/resolve/resolved-dns-packet.c
|
--- a/src/resolve/resolved-dns-packet.c
|
||||||
+++ b/src/resolve/resolved-dns-packet.c
|
+++ b/src/resolve/resolved-dns-packet.c
|
||||||
@@ -47,13 +47,7 @@ int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
|
@@ -34,13 +34,7 @@ int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
|
||||||
|
|
||||||
assert(ret);
|
assert(ret);
|
||||||
|
|
||||||
|
@ -34,7 +36,7 @@ index 8b620cb6a8..7262a50eee 100644
|
||||||
/* round up to next page size */
|
/* round up to next page size */
|
||||||
a = PAGE_ALIGN(ALIGN(sizeof(DnsPacket)) + a) - ALIGN(sizeof(DnsPacket));
|
a = PAGE_ALIGN(ALIGN(sizeof(DnsPacket)) + a) - ALIGN(sizeof(DnsPacket));
|
||||||
diff --git a/src/resolve/resolved-dns-packet.h b/src/resolve/resolved-dns-packet.h
|
diff --git a/src/resolve/resolved-dns-packet.h b/src/resolve/resolved-dns-packet.h
|
||||||
index 7b7d4e14c9..05a7a844e4 100644
|
index 0bf34d270c..5c5440ee8c 100644
|
||||||
--- a/src/resolve/resolved-dns-packet.h
|
--- a/src/resolve/resolved-dns-packet.h
|
||||||
+++ b/src/resolve/resolved-dns-packet.h
|
+++ b/src/resolve/resolved-dns-packet.h
|
||||||
@@ -66,8 +66,6 @@ struct DnsPacketHeader {
|
@@ -66,8 +66,6 @@ struct DnsPacketHeader {
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
From 626e9ef495474c95e3143ddae1a498d391c2a008 Mon Sep 17 00:00:00 2001
|
From 28a4da88f28f469db1a258a8ba932df6060f3086 Mon Sep 17 00:00:00 2001
|
||||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||||
Date: Tue, 27 Jun 2017 14:20:00 -0400
|
Date: Tue, 27 Jun 2017 14:20:00 -0400
|
||||||
Subject: [PATCH] resolved: do not allocate packets with minimum size
|
Subject: [PATCH 58/58] resolved: do not allocate packets with minimum size
|
||||||
|
|
||||||
dns_packet_new() is sometimes called with mtu == 0, and in that case we should
|
dns_packet_new() is sometimes called with mtu == 0, and in that case we should
|
||||||
allocate more than the absolute minimum (which is the dns packet header size),
|
allocate more than the absolute minimum (which is the dns packet header size),
|
||||||
|
@ -9,25 +9,26 @@ otherwise we have to resize immediately again after appending the first data to
|
||||||
the packet.
|
the packet.
|
||||||
|
|
||||||
This partially reverts the previous commit.
|
This partially reverts the previous commit.
|
||||||
|
|
||||||
|
(cherry picked from commit 626e9ef495474c95e3143ddae1a498d391c2a008)
|
||||||
---
|
---
|
||||||
src/resolve/resolved-dns-packet.c | 12 +++++++++++-
|
src/resolve/resolved-dns-packet.c | 12 +++++++++++-
|
||||||
1 file changed, 11 insertions(+), 1 deletion(-)
|
1 file changed, 11 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
|
diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
|
||||||
index 7262a50eee..c1ee755d9f 100644
|
index c076003012..ace4a170c6 100644
|
||||||
--- a/src/resolve/resolved-dns-packet.c
|
--- a/src/resolve/resolved-dns-packet.c
|
||||||
+++ b/src/resolve/resolved-dns-packet.c
|
+++ b/src/resolve/resolved-dns-packet.c
|
||||||
@@ -28,6 +28,9 @@
|
@@ -28,13 +28,23 @@
|
||||||
|
|
||||||
#define EDNS0_OPT_DO (1<<15)
|
#define EDNS0_OPT_DO (1<<15)
|
||||||
|
|
||||||
+#define DNS_PACKET_SIZE_START 512
|
+#define DNS_PACKET_SIZE_START 512
|
||||||
+assert_cc(DNS_PACKET_SIZE_START > UDP_PACKET_HEADER_SIZE)
|
+assert_cc(DNS_PACKET_SIZE_START > UDP_PACKET_HEADER_SIZE)
|
||||||
+
|
+
|
||||||
typedef struct DnsPacketRewinder {
|
int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
|
||||||
DnsPacket *packet;
|
DnsPacket *p;
|
||||||
size_t saved_rindex;
|
size_t a;
|
||||||
@@ -47,7 +50,14 @@ int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
|
|
||||||
|
|
||||||
assert(ret);
|
assert(ret);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue