!17 Update to 3.16
From: @menmazqj Reviewed-by: @wk333 Signed-off-by: @wk333
This commit is contained in:
openeuler-ci-bot
Gitee
commit
29fa616d92
@ -1,44 +0,0 @@
|
||||
From 0ef151550d96cc4460f98832df84b4a1e87c65e9 Mon Sep 17 00:00:00 2001
|
||||
From: "Bruce A. Mah" <bmah@es.net>
|
||||
Date: Fri, 7 Jul 2023 11:35:02 -0700
|
||||
Subject: [PATCH] Fix memory allocation hazard (#1542). (#1543)
|
||||
|
||||
Reported by: @someusername123 on GitHub
|
||||
---
|
||||
src/iperf_api.c | 9 ++++++++-
|
||||
1 file changed, 8 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/iperf_api.c b/src/iperf_api.c
|
||||
index f2d416214..a95e02418 100644
|
||||
--- a/src/iperf_api.c
|
||||
+++ b/src/iperf_api.c
|
||||
@@ -2670,6 +2670,7 @@ static cJSON *
|
||||
JSON_read(int fd)
|
||||
{
|
||||
uint32_t hsize, nsize;
|
||||
+ size_t strsize;
|
||||
char *str;
|
||||
cJSON *json = NULL;
|
||||
int rc;
|
||||
@@ -2682,7 +2683,9 @@ JSON_read(int fd)
|
||||
if (Nread(fd, (char*) &nsize, sizeof(nsize), Ptcp) >= 0) {
|
||||
hsize = ntohl(nsize);
|
||||
/* Allocate a buffer to hold the JSON */
|
||||
- str = (char *) calloc(sizeof(char), hsize+1); /* +1 for trailing null */
|
||||
+ strsize = hsize + 1; /* +1 for trailing NULL */
|
||||
+ if (strsize) {
|
||||
+ str = (char *) calloc(sizeof(char), strsize);
|
||||
if (str != NULL) {
|
||||
rc = Nread(fd, str, hsize, Ptcp);
|
||||
if (rc >= 0) {
|
||||
@@ -2701,6 +2704,10 @@ JSON_read(int fd)
|
||||
}
|
||||
}
|
||||
free(str);
|
||||
+ }
|
||||
+ else {
|
||||
+ printf("WARNING: Data length overflow\n");
|
||||
+ }
|
||||
}
|
||||
return json;
|
||||
}
|
||||
Binary file not shown.
BIN
iperf-3.16.tar.gz
Normal file
BIN
iperf-3.16.tar.gz
Normal file
Binary file not shown.
@ -1,11 +1,10 @@
|
||||
Name: iperf3
|
||||
Version: 3.13
|
||||
Release: 2
|
||||
Version: 3.16
|
||||
Release: 1
|
||||
Summary: TCP,UDP,and SCTP network bandwidth measurement tool
|
||||
License: BSD
|
||||
URL: http://github.com/esnet/iperf
|
||||
Source0: https://github.com/esnet/iperf/archive/%{version}/iperf-%{version}.tar.gz
|
||||
Patch0: CVE-2023-38403.patch
|
||||
|
||||
BuildRequires: libuuid-devel gcc
|
||||
|
||||
@ -54,6 +53,9 @@ mkdir -p %{buildroot}%{_mandir}/man1
|
||||
%{_mandir}/man3/libiperf.3.gz
|
||||
|
||||
%changelog
|
||||
* Sun Jan 14 2024 menmazqj <qijia.oerv@isrc.iscas.ac.cn> - 3.16-1
|
||||
- Update to 3.16
|
||||
|
||||
* Mon Aug 07 2023 yaoxin <yao_xin001@hoperun.com> - 3.13-2
|
||||
- Fix CVE-2023-38403
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user