projects / qtbase-opensource-src.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8aa5972) | patch
QDnsLookup/Unix: make sure we don't overflow the buffer
authorDebian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Thu, 27 Mar 2025 11:24:29 +0000 (14:24 +0300)
committerDmitry Shachnev <mitya57@debian.org>
Thu, 27 Mar 2025 11:24:29 +0000 (14:24 +0300)
commit888b3cf87e15b1e24162dcc5235305b68d8143e7
tree7bc99e6543d84aa2a08ad1c1d7db114cbb6a0141tree | snapshot
parent8aa59722d5a3cc49eb6f4654642bbcaf56f172fbcommit | diff
QDnsLookup/Unix: make sure we don't overflow the buffer

Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=7dba2c87619d558a
Last-Update: 2023-05-25

The DNS Records are variable length and encode their size in 16 bits
before the Record Data (RDATA). Ensure that both the RDATA and the
Record header fields before it fall inside the buffer we have.

Additionally reject any replies containing more than one query records.

Gbp-Pq: Name CVE-2023-33285.diff
src/network/kernel/qdnslookup_unix.cpp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.