chutzpah 14/04/25 18:33:37 Added: python-2.7.6-recvfrom_into_buffer_overflow.patch Log: Revision bump, add patch for CVE-2014-1912 (bug #500518) (Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key 0xE3F69979BB4B8928DA78E3D17CBF44EF)
Revision Changes Path 1.1 dev-lang/python/files/python-2.7.6-recvfrom_into_buffer_overflow.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-lang/python/files/python-2.7.6-recvfrom_into_buffer_overflow.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-lang/python/files/python-2.7.6-recvfrom_into_buffer_overflow.patch?rev=1.1&content-type=text/plain Index: python-2.7.6-recvfrom_into_buffer_overflow.patch =================================================================== diff -r 40fb60df4755 Modules/socketmodule.c --- a/Modules/socketmodule.c Sun Jan 12 12:11:47 2014 +0200 +++ b/Modules/socketmodule.c Mon Jan 13 16:36:35 2014 -0800 @@ -2744,6 +2744,13 @@ recvlen = buflen; } + /* Check if the buffer is large enough */ + if (buflen < recvlen) { + PyErr_SetString(PyExc_ValueError, + "buffer too small for requested bytes"); + goto error; + } + readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr); if (readlen < 0) { /* Return an error */
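Review bot: the new `if (buflen < recvlen)` check in Modules/socketmodule.c arrives without a regression test, as the diff touches only that one file. A test that calls recvfrom_into with a requested size larger than the destination buffer and asserts that ValueError is raised would keep the fix for CVE-2014-1912 from regressing. Placement looks right: the check sits after the `recvlen = buflen;` default and before `sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr)`, the call that receives recvlen as the length for buf.buf. It would also help to put both sizes in the "buffer too small for requested bytes" message so a caller can see which value was wrong.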