Merge ~kzapalowicz/snappy-hwe-snaps/+git/network-manager:fix/nm-cve-2018-15688 into ~snappy-hwe-team/snappy-hwe-snaps/+git/network-manager:network-manager/xenial/1.2.2

Proposed by Konrad Zapałowicz
Status: Merged
Approved by: Alfonso Sanchez-Beato
Approved revision: ef24bab1034d1c787254fab861ed8c0bea915793
Merged at revision: d1c241c42f04bb05bb4830ac6260912dda53c085
Proposed branch: ~kzapalowicz/snappy-hwe-snaps/+git/network-manager:fix/nm-cve-2018-15688
Merge into: ~snappy-hwe-team/snappy-hwe-snaps/+git/network-manager:network-manager/xenial/1.2.2
Diff against target: 13 lines (+1/-1)
1 file modified
src/systemd/src/libsystemd-network/dhcp6-option.c (+1/-1)
Reviewer Review Type Date Requested Status
Alfonso Sanchez-Beato Approve
James Jesudason (community) Approve
System Enablement Bot continuous-integration Approve
Review via email:

Commit message

fix cve-2018-15688

To post a comment you must log in.
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :
review: Approve (continuous-integration)
Revision history for this message
James Jesudason (jamesj) wrote :

I'd prefer the right-hand side of the inequality to be in parentheses, but if it works it works.

review: Approve
Revision history for this message
Alfonso Sanchez-Beato (alfonsosanchezbeato) wrote :


review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c
2index ee63142..61747ef 100644
3--- a/src/systemd/src/libsystemd-network/dhcp6-option.c
4+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c
5@@ -103,7 +103,7 @@ int dhcp6_option_append_ia(uint8_t **buf, size_t *buflen, DHCP6IA *ia) {
6 return -EINVAL;
7 }
9- if (*buflen < len)
10+ if (*buflen < offsetof(DHCP6Option, data) + len)
11 return -ENOBUFS;
13 ia_hdr = *buf;


People subscribed via source and target branches