projects / qtbase-opensource-src.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a56a3aa) | patch
QDnsLookup/Unix: make sure we don't overflow the buffer
authorDebian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Thu, 27 Nov 2025 14:54:31 +0000 (15:54 +0100)
committerSylvain Beucler <beuc@debian.org>
Thu, 27 Nov 2025 14:54:31 +0000 (15:54 +0100)
commit0da6867d8429ebd7e0b71858e2346b2c6b425492
tree240e0a53fff3055db3ba9ddb6b8c98ae8a352b5dtree | snapshot
parenta56a3aa43e36ccd61dd9c99915e790a357df6e89commit | diff
QDnsLookup/Unix: make sure we don't overflow the buffer

Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=7dba2c87619d558a
Last-Update: 2023-05-25

The DNS Records are variable length and encode their size in 16 bits
before the Record Data (RDATA). Ensure that both the RDATA and the
Record header fields before it fall inside the buffer we have.

Additionally reject any replies containing more than one query records.

Gbp-Pq: Name CVE-2023-33285.diff
src/network/kernel/qdnslookup_unix.cpp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.