From ac844b9fc7945c38ea21fb7cf1a49a5c226d7c9c Mon Sep 17 00:00:00 2001
From: Changqing Li
Date: Mon, 12 May 2025 16:17:20 +0800
Subject: [PATCH] Resolve "(CVE-2025-32914) (#YWH-PGM9867-23) OOB Read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process"
CVE: CVE-2025-32914
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/450/diffs?commit_id=5bfcf8157597f2d327050114fb37ff600004dbcf]
Test code are not added since some functions not aligned with version 2.74.3
Signed-off-by: Changqing Li
---
 libsoup/soup-multipart.c | 2 +-
 1 files changed, 1 insertions(+), 1 deletion(-)
diff --git a/libsoup/soup-multipart.c b/libsoup/soup-multipart.c
index a7e550f..dd93973 100644
--- a/libsoup/soup-multipart.c
+++ b/libsoup/soup-multipart.c
@@ -181,7 +181,7 @@ soup_multipart_new_from_message (SoupMessageHeaders *headers,
 return NULL;
 }

- split = strstr (start, "\r\n\r\n");
+ split = g_strstr_len (start, body_end - start, "\r\n\r\n");
 if (!split || split > end) {
 soup_multipart_free (multipart);
 soup_buffer_free (flattened);
--
2.34.1
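Review bot: The length passed to `g_strstr_len` on the added line only bounds the search while `start <= body_end`. GLib treats a negative length as "search up to the NUL terminator", which is the unbounded `strstr` behaviour this patch replaces. The hunk does not show where `start` and `body_end` are assigned, so that invariant presumably comes from the earlier boundary search and should be confirmed there. I would record it above the call with a comment such as `/* search only up to body_end; relies on start <= body_end */`. The result is also rejected when `split > end`, so `end - start` would be a tighter bound, but keeping `body_end - start` matches the upstream commit; the body of `soup_multipart_new_from_message` starts and ends outside the hunk.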