projects / qtbase-opensource-src.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 62bce2d) | patch
QDnsLookup/Unix: make sure we don't overflow the buffer
authorDebian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Sun, 28 Apr 2024 20:48:02 +0000 (22:48 +0200)
committerThorsten Alteholz <debian@alteholz.de>
Sun, 28 Apr 2024 20:48:02 +0000 (22:48 +0200)
commit9135364d54405bec92867c6f6d470947841adbb6
treed3240981a011193590ad3573ccab1550b25e3e61tree | snapshot
parent62bce2d40f4290ef8c461f3469d51099eae6f171commit | diff
QDnsLookup/Unix: make sure we don't overflow the buffer

Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=7dba2c87619d558a
Last-Update: 2023-05-25

The DNS Records are variable length and encode their size in 16 bits
before the Record Data (RDATA). Ensure that both the RDATA and the
Record header fields before it fall inside the buffer we have.

Additionally reject any replies containing more than one query records.

Gbp-Pq: Name CVE-2023-33285.diff
src/network/kernel/qdnslookup_unix.cpp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.