| Message ID | 20241204100758.4931-1-absicsz@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 556e14548c38c2b96d85881542046ee7ed750bb5 |
| Headers | show |
| Series | stkutil: ensure data fits in buffer | expand |
Hello: This patch was applied to ofono.git (master) by Denis Kenzior <denkenz@gmail.com>: On Wed, 4 Dec 2024 12:07:34 +0200 you wrote: > Fixes CVE-2024-7545 > --- > src/stkutil.c | 4 ++++ > 1 file changed, 4 insertions(+) Here is the summary with links: - stkutil: ensure data fits in buffer https://git.kernel.org/pub/scm/network/ofono/ofono.git/?id=556e14548c38 You are awesome, thank you!
diff --git a/src/stkutil.c b/src/stkutil.c index 60cad102..bd261b1c 100644 --- a/src/stkutil.c +++ b/src/stkutil.c @@ -1916,6 +1916,10 @@ static bool parse_dataobj_mms_content_id( data = comprehension_tlv_iter_get_data(iter); mci->len = len; + + if (len > sizeof(mci->id)) + return false; + memcpy(mci->id, data, len); return true;