projects / qtbase-opensource-src.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 53a5ce8) | patch
QDnsLookup/Unix: make sure we don't overflow the buffer
authorDebian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Sun, 17 Sep 2023 03:46:01 +0000 (04:46 +0100)
committerRaspbian forward porter <root@raspbian.org>
Sun, 17 Sep 2023 03:46:01 +0000 (04:46 +0100)
commitaf3fcd5553f2315d53babd3f0d2c68aa06b983c0
tree3e24b3e86f2bdbc54482f0a832a93e118c904f8dtree | snapshot
parent53a5ce8e34d44dd4230b3d8ee5d5e65714ff904bcommit | diff
QDnsLookup/Unix: make sure we don't overflow the buffer

Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=7dba2c87619d558a
Last-Update: 2023-05-25

The DNS Records are variable length and encode their size in 16 bits
before the Record Data (RDATA). Ensure that both the RDATA and the
Record header fields before it fall inside the buffer we have.

Additionally reject any replies containing more than one query records.

Gbp-Pq: Name CVE-2023-33285.diff
src/network/kernel/qdnslookup_unix.cpp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.