openslp: Fix CVE-2016-4912

This commit is contained in:
adisbladis 2018-01-07 04:25:00 +08:00
parent 45f6d97e6e
commit 1aca02b51e
No known key found for this signature in database
GPG key ID: ED58F95069B004F5
2 changed files with 12 additions and 0 deletions

View file

@ -0,0 +1,11 @@
--- a/common/slp_xmalloc.c
+++ b/common/slp_xmalloc.c
@@ -206,7 +206,7 @@ void * _xrealloc(const char * file, int line, void * ptr, size_t size)
if (newptr == 0)
return 0;
memcpy(newptr, ptr, x->size);
- _xfree(file, line, x);
+ _xfree(file, line, ptr);
}
return newptr;
}

View file

@ -19,6 +19,7 @@ stdenv.mkDerivation {
url = "https://src.fedoraproject.org/cgit/rpms/openslp.git/plain/openslp-2.0.0-cve-2016-7567.patch";
sha256 = "0zp61axx93b7nrbsyhn2x4dnw7n9y6g4rys21hyqxk4khrnc2yr9";
})
./CVE-2016-4912.patch
];
meta = with stdenv.lib; {