| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 |
- From db848813bae4d28c524b3b6a7dad135e426659ce Mon Sep 17 00:00:00 2001
- From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
- Date: Sun, 18 Jun 2017 16:07:57 -0400
- Subject: [PATCH] resolved: simplify alloc size calculation
- The allocation size was calculated in a complicated way, and for values
- close to the page size we would actually allocate less than requested.
- Reported by Chris Coulson <chris.coulson@canonical.com>.
- CVE-2017-9445
- [Upstream commit: https://github.com/systemd/systemd/commit/db848813bae4d28c524b3b6a7dad135e426659ce]
- Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
- ---
- src/resolve/resolved-dns-packet.c | 8 +-------
- src/resolve/resolved-dns-packet.h | 2 --
- 2 files changed, 1 insertion(+), 9 deletions(-)
- diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
- index 240ee448f4..821b66e266 100644
- --- a/src/resolve/resolved-dns-packet.c
- +++ b/src/resolve/resolved-dns-packet.c
- @@ -47,13 +47,7 @@ int dns_packet_new(DnsPacket **ret, DnsProtocol protocol, size_t mtu) {
-
- assert(ret);
-
- - if (mtu <= UDP_PACKET_HEADER_SIZE)
- - a = DNS_PACKET_SIZE_START;
- - else
- - a = mtu - UDP_PACKET_HEADER_SIZE;
- -
- - if (a < DNS_PACKET_HEADER_SIZE)
- - a = DNS_PACKET_HEADER_SIZE;
- + a = MAX(mtu, DNS_PACKET_HEADER_SIZE);
-
- /* round up to next page size */
- a = PAGE_ALIGN(ALIGN(sizeof(DnsPacket)) + a) - ALIGN(sizeof(DnsPacket));
- diff --git a/src/resolve/resolved-dns-packet.h b/src/resolve/resolved-dns-packet.h
- index 2c92392e4d..3abcaf8cf3 100644
- --- a/src/resolve/resolved-dns-packet.h
- +++ b/src/resolve/resolved-dns-packet.h
- @@ -66,8 +66,6 @@ struct DnsPacketHeader {
- /* With EDNS0 we can use larger packets, default to 4096, which is what is commonly used */
- #define DNS_PACKET_UNICAST_SIZE_LARGE_MAX 4096
-
- -#define DNS_PACKET_SIZE_START 512
- -
- struct DnsPacket {
- int n_ref;
- DnsProtocol protocol;
|
