You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
44 lines
1.2 KiB
44 lines
1.2 KiB
From eb7d138163c835ba5f4c34cd943c05b0e324bcc7 Mon Sep 17 00:00:00 2001 |
|
From: Vaclav Dolezal <vdolezal@redhat.com> |
|
Date: Wed, 12 Feb 2020 15:20:32 +0100 |
|
Subject: [PATCH] Partial fix for CVE-2020-5208 |
|
|
|
replacement for patch: |
|
9452be8 channel: Fix buffer overflow |
|
|
|
Signed-off-by: Vaclav Dolezal <vdolezal@redhat.com> |
|
--- |
|
lib/ipmi_channel.c | 10 ++++++++++ |
|
1 file changed, 10 insertions(+) |
|
|
|
diff --git a/lib/ipmi_channel.c b/lib/ipmi_channel.c |
|
index e1fc75f..81ae82e 100644 |
|
--- a/lib/ipmi_channel.c |
|
+++ b/lib/ipmi_channel.c |
|
@@ -383,6 +383,11 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, |
|
val2str(rsp->ccode, completion_code_vals)); |
|
return -1; |
|
} |
|
+ if (rsp->data_len > 17) { |
|
+ lprintf(LOG_ERR, "Get Channel Cipher Suites failed - " |
|
+ "received invalid data"); |
|
+ return -1; |
|
+ } |
|
|
|
|
|
/* |
|
@@ -418,6 +423,11 @@ ipmi_get_channel_cipher_suites(struct ipmi_intf *intf, const char *payload_type, |
|
val2str(rsp->ccode, completion_code_vals)); |
|
return -1; |
|
} |
|
+ if (rsp->data_len > 17) { |
|
+ lprintf(LOG_ERR, "Get Channel Cipher Suites failed - " |
|
+ "received invalid data"); |
|
+ return -1; |
|
+ } |
|
} |
|
|
|
/* Copy last chunk */ |
|
-- |
|
2.20.1 |
|
|
|
|