diff options
Diffstat (limited to 'meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch')
-rw-r--r-- | meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch | 26 |
1 files changed, 0 insertions, 26 deletions
diff --git a/meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch b/meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch deleted file mode 100644 index 02cc83d314..0000000000 --- a/meta/recipes-devtools/python/python/python-2.7.3-CVE-2014-1912.patch +++ /dev/null @@ -1,26 +0,0 @@ -Upstream-Status: Backport - -Reference: http://bugs.python.org/issue20246 - -CVE-2014-1912: Python buffer overflow in socket.recvfrom_into() -lets remote users execute arbitrary code.Original patch by Benjamin Peterson - -Signed-off-by: Maxin B. John <maxin.john@enea.com> ---- -diff -r 40fb60df4755 Modules/socketmodule.c ---- a/Modules/socketmodule.c Sun Jan 12 12:11:47 2014 +0200 -+++ b/Modules/socketmodule.c Mon Jan 13 16:36:35 2014 -0800 -@@ -2744,6 +2744,13 @@ - recvlen = buflen; - } - -+ /* Check if the buffer is large enough */ -+ if (buflen < recvlen) { -+ PyErr_SetString(PyExc_ValueError, -+ "buffer too small for requested bytes"); -+ goto error; -+ } -+ - readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr); - if (readlen < 0) { - /* Return an error */ |