Tweak the patches a bit more
This commit is contained in:
parent
2db1b855c4
commit
f06aedf357
|
@ -0,0 +1,48 @@
|
||||||
|
From 626e9ef495474c95e3143ddae1a498d391c2a008 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||||
|
Date: Tue, 27 Jun 2017 14:20:00 -0400
|
||||||
|
Subject: [PATCH] resolved: do not allocate packets with minimum size
|
||||||
|
|
||||||
|
dns_packet_new() is sometimes called with mtu == 0, and in that case we should
|
||||||
|
allocate more than the absolute minimum (which is the dns packet header size),
|
||||||
|
otherwise we have to resize immediately again after appending the first data to
|
||||||
|
the packet.
|
||||||
|
|
||||||
|
This partially reverts the previous commit.
|
||||||
|
---
|
||||||
|
src/resolve/resolved-dns-packet.c | 12 +++++++++++-
|
||||||
|
1 file changed, 11 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
|
||||||
|
index 7262a50eee..c1ee755d9f 100644
|
||||||
|
--- a/src/resolve/resolved-dns-packet.c
|
||||||
|
+++ b/src/resolve/resolved-dns-packet.c
|
||||||
|
@@ -28,6 +28,9 @@
|
||||||
|
|
||||||
|
#define EDNS0_OPT_DO (1<<15)
|
||||||
|
|
||||||
|
+#define DNS_PACKET_SIZE_START 512
|
||||||
|
+assert_cc(DNS_PACKET_SIZE_START > UDP_PACKET_HEADER_SIZE)
|
||||||
|
+
|
||||||
|
typedef struct DnsPacketRewinder {
|
||||||
|
DnsPacket *packet;
|
||||||
|
size_t saved_rindex;
|
||||||
|
@@ -47,7 +50,14 @@ int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
|
||||||
|
|
||||||
|
assert(ret);
|
||||||
|
|
||||||
|
- a = MAX(mtu, DNS_PACKET_HEADER_SIZE);
|
||||||
|
+ /* When dns_packet_new() is called with mtu == 0, allocate more than the
|
||||||
|
+ * absolute minimum (which is the dns packet header size), to avoid
|
||||||
|
+ * resizing immediately again after appending the first data to the packet.
|
||||||
|
+ */
|
||||||
|
+ if (mtu < UDP_PACKET_HEADER_SIZE)
|
||||||
|
+ a = DNS_PACKET_SIZE_START;
|
||||||
|
+ else
|
||||||
|
+ a = MAX(mtu, DNS_PACKET_HEADER_SIZE);
|
||||||
|
|
||||||
|
/* round up to next page size */
|
||||||
|
a = PAGE_ALIGN(ALIGN(sizeof(DnsPacket)) + a) - ALIGN(sizeof(DnsPacket));
|
||||||
|
--
|
||||||
|
2.13.0
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
Name: systemd
|
Name: systemd
|
||||||
Url: http://www.freedesktop.org/wiki/Software/systemd
|
Url: http://www.freedesktop.org/wiki/Software/systemd
|
||||||
Version: 229
|
Version: 229
|
||||||
Release: 21%{?gitcommit:.git%{gitcommitshort}}%{?dist}
|
Release: 22%{?gitcommit:.git%{gitcommitshort}}%{?dist}
|
||||||
# For a breakdown of the licensing, see README
|
# For a breakdown of the licensing, see README
|
||||||
License: LGPLv2+ and MIT and GPLv2+
|
License: LGPLv2+ and MIT and GPLv2+
|
||||||
Summary: A System and Service Manager
|
Summary: A System and Service Manager
|
||||||
|
@ -90,6 +90,7 @@ Patch0054: 0054-hwdb-selinuxify-a-bit-3460.patch
|
||||||
Patch0055: 0055-udevadm-explicitly-relabel-etc-udev-hwdb.bin-after-r.patch
|
Patch0055: 0055-udevadm-explicitly-relabel-etc-udev-hwdb.bin-after-r.patch
|
||||||
Patch0056: 0056-build-sys-check-for-lz4-in-the-old-and-new-numbering.patch
|
Patch0056: 0056-build-sys-check-for-lz4-in-the-old-and-new-numbering.patch
|
||||||
Patch0057: 0057-resolved-simplify-alloc-size-calculation.patch
|
Patch0057: 0057-resolved-simplify-alloc-size-calculation.patch
|
||||||
|
Patch0058: 0058-resolved-do-not-allocate-packets-with-minimum-size.patch
|
||||||
|
|
||||||
Patch0999: 0999-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
|
Patch0999: 0999-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
|
||||||
|
|
||||||
|
@ -980,6 +981,9 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd
|
||||||
/usr/lib/firewalld/services/*
|
/usr/lib/firewalld/services/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Jun 27 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 229-22
|
||||||
|
- Tweak the patches a bit
|
||||||
|
|
||||||
* Tue Jun 27 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 229-21
|
* Tue Jun 27 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 229-21
|
||||||
- Fix an out-of-bounds write in systemd-resolved (CVE-2017-9445)
|
- Fix an out-of-bounds write in systemd-resolved (CVE-2017-9445)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue