projects / qtbase-opensource-src.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 930c737) | patch
QDnsLookup/Unix: make sure we don't overflow the buffer
authorDebian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Thu, 25 Jul 2024 12:43:37 +0000 (15:43 +0300)
committerDmitry Shachnev <mitya57@debian.org>
Thu, 25 Jul 2024 12:43:37 +0000 (15:43 +0300)
commit12c185eb7fcdfa23145ea6ef1c4c6045538d8d15
tree8c2a190a5fdf5b8c108d51a520706471d505655btree | snapshot
parent930c73745ff6ef7448f3def0e6c3f2174e1c0535commit | diff
QDnsLookup/Unix: make sure we don't overflow the buffer

Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=7dba2c87619d558a
Last-Update: 2023-05-25

The DNS Records are variable length and encode their size in 16 bits
before the Record Data (RDATA). Ensure that both the RDATA and the
Record header fields before it fall inside the buffer we have.

Additionally reject any replies containing more than one query records.

Gbp-Pq: Name CVE-2023-33285.diff
src/network/kernel/qdnslookup_unix.cpp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.