[jackhill/guix/guix.git] / gnu / packages / patches / osip-CVE-2017-7853.patch

Fix CVE-2017-7853:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7853
https://savannah.gnu.org/support/index.php?109265

Patch copied from upstream source repository:

https://git.savannah.gnu.org/cgit/osip.git/commit/?id=1ae06daf3b2375c34af23083394a6f010be24a45

From 1ae06daf3b2375c34af23083394a6f010be24a45 Mon Sep 17 00:00:00 2001
From: Aymeric Moizard <amoizard@gmail.com>
Date: Tue, 21 Feb 2017 17:16:26 +0100
Subject: [PATCH]  * fix bug report: sr #109265: SIP message body length
 underflow in libosip2-4.1.0    https://savannah.gnu.org/support/?109265   
 also applicable to current latest version

---
 src/osipparser2/osip_message_parse.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/osipparser2/osip_message_parse.c b/src/osipparser2/osip_message_parse.c
index 1628c60..aa35446 100644
--- a/src/osipparser2/osip_message_parse.c
+++ b/src/osipparser2/osip_message_parse.c
@@ -784,6 +784,12 @@ msg_osip_body_parse (osip_message_t * sip, const char *start_of_buf, const char
     if ('\n' == start_of_body[0] || '\r' == start_of_body[0])
       start_of_body++;
 
+    /* if message body is empty or contains a single CR/LF */
+    if (end_of_body <= start_of_body) {
+      osip_free (sep_boundary);
+      return OSIP_SYNTAXERROR;
+    }
+
     body_len = end_of_body - start_of_body;
 
     /* Skip CR before end boundary. */
-- 
2.13.1
Commit	Line	Data
75072795 LF	1	Fix CVE-2017-7853:
	2
	3	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7853
	4	https://savannah.gnu.org/support/index.php?109265
	5
	6	Patch copied from upstream source repository:
	7
	8	https://git.savannah.gnu.org/cgit/osip.git/commit/?id=1ae06daf3b2375c34af23083394a6f010be24a45
	9
	10	From 1ae06daf3b2375c34af23083394a6f010be24a45 Mon Sep 17 00:00:00 2001
	11	From: Aymeric Moizard <amoizard@gmail.com>
	12	Date: Tue, 21 Feb 2017 17:16:26 +0100
	13	Subject: [PATCH] * fix bug report: sr #109265: SIP message body length
	14	underflow in libosip2-4.1.0 https://savannah.gnu.org/support/?109265
	15	also applicable to current latest version
	16
	17	---
	18	src/osipparser2/osip_message_parse.c \| 6 ++++++
	19	1 file changed, 6 insertions(+)
	20
	21	diff --git a/src/osipparser2/osip_message_parse.c b/src/osipparser2/osip_message_parse.c
	22	index 1628c60..aa35446 100644
	23	--- a/src/osipparser2/osip_message_parse.c
	24	+++ b/src/osipparser2/osip_message_parse.c
	25	@@ -784,6 +784,12 @@ msg_osip_body_parse (osip_message_t * sip, const char *start_of_buf, const char
	26	if ('\n' == start_of_body[0] \|\| '\r' == start_of_body[0])
	27	start_of_body++;
	28
	29	+ /* if message body is empty or contains a single CR/LF */
	30	+ if (end_of_body <= start_of_body) {
	31	+ osip_free (sep_boundary);
	32	+ return OSIP_SYNTAXERROR;
	33	+ }
	34	+
	35	body_len = end_of_body - start_of_body;
	36
	37	/* Skip CR before end boundary. */
	38	--
	39	2.13.1
	40