projects / qtbase-opensource-src.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e170692) | patch
QDnsLookup/Unix: make sure we don't overflow the buffer
authorDebian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Sun, 28 Apr 2024 18:48:02 +0000 (20:48 +0200)
committerThorsten Alteholz <debian@alteholz.de>
Sun, 28 Apr 2024 18:48:02 +0000 (20:48 +0200)
commit12dd04c6378f568c82ee8d45c05aa0bb4403e82d
tree6275ccead20f014267c3e4429803dec8ed8b41aatree | snapshot
parente170692d794ada361b2e192a6a3e53d99c657634commit | diff
QDnsLookup/Unix: make sure we don't overflow the buffer

Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=7dba2c87619d558a
Last-Update: 2023-05-25

The DNS Records are variable length and encode their size in 16 bits
before the Record Data (RDATA). Ensure that both the RDATA and the
Record header fields before it fall inside the buffer we have.

Additionally reject any replies containing more than one query records.

Gbp-Pq: Name CVE-2023-33285.diff
src/network/kernel/qdnslookup_unix.cpp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.