projects / qtbase-opensource-src.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 63153c6) | patch
QDnsLookup/Unix: make sure we don't overflow the buffer
authorDebian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Sat, 17 Feb 2024 12:11:37 +0000 (15:11 +0300)
committerDmitry Shachnev <mitya57@debian.org>
Sat, 17 Feb 2024 12:11:37 +0000 (15:11 +0300)
commit783963022504ebc534a0b6c715b319f4c1fceae0
treeff258aa7f05e9ace4368f410a7d97d7172a708c4tree | snapshot
parent63153c63040aa5bc5e5fdc0ca31ea4de3b6a72e3commit | diff
QDnsLookup/Unix: make sure we don't overflow the buffer

Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=7dba2c87619d558a
Last-Update: 2023-05-25

The DNS Records are variable length and encode their size in 16 bits
before the Record Data (RDATA). Ensure that both the RDATA and the
Record header fields before it fall inside the buffer we have.

Additionally reject any replies containing more than one query records.

Gbp-Pq: Name CVE-2023-33285.diff
src/network/kernel/qdnslookup_unix.cpp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.