projects / qtbase-opensource-src.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b13aaea) | patch
QDnsLookup/Unix: make sure we don't overflow the buffer
authorDebian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Sun, 14 Jul 2024 15:35:58 +0000 (18:35 +0300)
committerDmitry Shachnev <mitya57@debian.org>
Sun, 14 Jul 2024 15:35:58 +0000 (18:35 +0300)
commit25f869af1f12f159b80f9b1892c660f8f654f61d
tree84da921b8e87037e70abc2db34738297f3d3e202tree | snapshot
parentb13aaea4438750abc64eeea36061f847ec9749a5commit | diff
QDnsLookup/Unix: make sure we don't overflow the buffer

Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=7dba2c87619d558a
Last-Update: 2023-05-25

The DNS Records are variable length and encode their size in 16 bits
before the Record Data (RDATA). Ensure that both the RDATA and the
Record header fields before it fall inside the buffer we have.

Additionally reject any replies containing more than one query records.

Gbp-Pq: Name CVE-2023-33285.diff
src/network/kernel/qdnslookup_unix.cpp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.