- fix _xrealloc not checking the malloc return value

[bnc#980722] [CVE-2016-4912] new patch: openslp.xrealloc.diff OBS-URL: https://build.opensuse.org/package/show/network:utilities/openslp?expand=0&rev=43
2016-09-13 11:55:46 +00:00 · 2016-09-13 11:55:46 +00:00 · eaaef381ac
commit eaaef381ac
parent 6ae719b0d7
3 changed files with 17 additions and 0 deletions
--- a/openslp.changes
+++ b/openslp.changes
@ -11,6 +11,9 @@ Mon Sep 12 14:23:15 CEST 2016 - mls@suse.de
  new patch: openslp.doubleequal.diff
 - fix bug in openslp.initda.diff patch
 - fix rcopenslp helper
+- fix _xrealloc not checking the malloc return value
+  [bnc#980722] [CVE-2016-4912]
+  new patch: openslp.xrealloc.diff

 -------------------------------------------------------------------
 Sun Mar  8 00:39:27 UTC 2015 - p.drouand@gmail.com
--- a/openslp.spec
+++ b/openslp.spec
@ -60,6 +60,7 @@ Patch12:        openslp.sd_notify.diff
 Patch13:        openslp.predicatestorage.diff
 Patch14:        openslp.doubleequal.diff
 Patch15:        openslp.noconvenience.diff
+Patch16:        openslp.xrealloc.diff

 %description
 Service Location Protocol is an IETF standards track protocol that
@ -127,6 +128,8 @@ such applications.
 %patch13
 %patch14
 %patch15
+%patch16
+
 %build
 autoreconf -fiv
 %configure --disable-static --with-pic --enable-slpv1 \
--- a/openslp.xrealloc.diff
+++ b/openslp.xrealloc.diff
@ -0,0 +1,11 @@
+--- ./common/slp_xmalloc.c.orig	2016-09-13 11:46:35.749065088 +0000
+++ ./common/slp_xmalloc.c	2016-09-13 11:48:03.785749186 +0000
+@@ -203,6 +203,8 @@ void * _xrealloc(const char * file, int
+       if (x->size != size)
+       {
+          newptr = _xmalloc(file, line, size);
+         if (!newptr)
+            return 0;
+          memcpy(newptr, ptr, x->size);
+          _xfree(file, line, x);
+       }