equal
deleted
inserted
replaced
|
1 Fix for CVE-2016-10197 |
|
2 |
|
3 More details at: |
|
4 |
|
5 https://github.com/libevent/libevent/issues/332 |
|
6 |
|
7 Based on commit at: |
|
8 |
|
9 https://github.com/libevent/libevent/commit/ec65c42052d95d2c23d1d837136d1cf1d9ecef9e |
|
10 |
|
11 --- libevent-1.4.14/evdns.c.orig 2017-02-03 06:49:17.767210211 +0000 |
|
12 +++ libevent-1.4.14/evdns.c 2017-02-03 06:50:41.005061826 +0000 |
|
13 @@ -2492,9 +2491,11 @@ |
|
14 static char * |
|
15 search_make_new(const struct search_state *const state, int n, const char *const base_name) { |
|
16 const int base_len = strlen(base_name); |
|
17 - const char need_to_append_dot = base_name[base_len - 1] == '.' ? 0 : 1; |
|
18 + char need_to_append_dot; |
|
19 struct search_domain *dom; |
|
20 |
|
21 + if (!base_len) return NULL; |
|
22 + need_to_append_dot = base_name[base_len - 1] == '.' ? 0 : 1; |
|
23 for (dom = state->head; dom; dom = dom->next) { |
|
24 if (!n--) { |
|
25 /* this is the postfix we want */ |