libupnp: Fix out-of-bound access in create_url_list() (CVE-2016-8863) - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Andrej Valek <andrej.valek@siemens.com>	2016-12-12 12:46:21 +0100
committer	Martin Jansa <Martin.Jansa@gmail.com>	2016-12-26 08:23:18 +0100
commit	b4659368a01a5b4209d9e1e571bb569ef4a06195 (patch)
tree	3ee68a7b5f8a823b881f35365e4bda79bfd20cf6 /meta-python/recipes-devtools/python/python-matplotlib
parent	42a46903392c85b2b2cc7ed9a8413261f03a8ab4 (diff)
download	meta-openembedded-b4659368a01a5b4209d9e1e571bb569ef4a06195.tar.gz

libupnp: Fix out-of-bound access in create_url_list() (CVE-2016-8863)

If there is an invalid URL in URLS->buf after a valid one, uri_parse is called with out pointing after the allocated memory. As uri_parse writes to *out before returning an error the loop in create_url_list must be stopped early to prevent an out-of-bound access Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python-matplotlib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: