diff options
author | Arnout Engelen <arnout@bzzt.net> | 2023-11-26 16:05:17 +0100 |
---|---|---|
committer | Arnout Engelen <arnout@bzzt.net> | 2023-11-26 16:10:09 +0100 |
commit | fb22f402f47148b2f42d4767615abb367c1b7cfd (patch) | |
tree | 0fec1cb5c61088c6ba20b17a3b374ce55318ca43 | |
parent | f65b41f13dc33338d287d9d8637d63fd2ae6978b (diff) |
avahi: apply patch for CVE-2023-38471
And the follow-up PR
-rw-r--r-- | pkgs/development/libraries/avahi/CVE-2023-38471-2.patch | 47 | ||||
-rw-r--r-- | pkgs/development/libraries/avahi/default.nix | 10 |
2 files changed, 57 insertions, 0 deletions
diff --git a/pkgs/development/libraries/avahi/CVE-2023-38471-2.patch b/pkgs/development/libraries/avahi/CVE-2023-38471-2.patch new file mode 100644 index 000000000000..be0faddbfef5 --- /dev/null +++ b/pkgs/development/libraries/avahi/CVE-2023-38471-2.patch @@ -0,0 +1,47 @@ +From 04ac71fd56a16365360f14bd4691219913e22f21 Mon Sep 17 00:00:00 2001 +From: Evgeny Vereshchagin <evvers@ya.ru> +Date: Tue, 24 Oct 2023 21:57:32 +0000 +Subject: [PATCH 1/2] smoke-test: call SetHostName with unusual names + +It's prompted by https://github.com/lathiat/avahi/issues/453 +--- + avahi-core/server.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/avahi-core/server.c b/avahi-core/server.c +index f6a21bb7..84df6b5d 100644 +--- a/avahi-core/server.c ++++ b/avahi-core/server.c +@@ -1309,10 +1309,13 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { + else + hn = avahi_normalize_name_strdup(host_name); + ++ if (!hn) ++ return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); ++ + h = hn; + if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) { + avahi_free(h); +- return AVAHI_ERR_INVALID_HOST_NAME; ++ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); + } + + avahi_free(h); +@@ -1320,7 +1323,7 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { + h = label_escaped; + len = sizeof(label_escaped); + if (!avahi_escape_label(label, strlen(label), &h, &len)) +- return AVAHI_ERR_INVALID_HOST_NAME; ++ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME); + + if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION) + return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE); +@@ -1330,7 +1333,7 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { + avahi_free(s->host_name); + s->host_name = avahi_strdup(label_escaped); + if (!s->host_name) +- return AVAHI_ERR_NO_MEMORY; ++ return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY); + + update_fqdn(s); + diff --git a/pkgs/development/libraries/avahi/default.nix b/pkgs/development/libraries/avahi/default.nix index ca742975e91b..bcc1928d9249 100644 --- a/pkgs/development/libraries/avahi/default.nix +++ b/pkgs/development/libraries/avahi/default.nix @@ -65,6 +65,16 @@ stdenv.mkDerivation rec { url = "https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797.patch"; sha256 = "sha256-/ZVhsBkf70vjDWWG5KXxvGXIpLOZUXdRkn3413iSlnI="; }) + # CVE-2023-38471 + # https://github.com/lathiat/avahi/pull/494 merged Oct 24 + (fetchpatch { + name = "CVE-2023-38471.patch"; + url = "https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09.patch"; + sha256 = "sha256-4dG+5ZHDa+A4/CszYS8uXWlpmA89m7/jhbZ7rheMs7U="; + }) + # https://github.com/lathiat/avahi/pull/499 merged Oct 25 + # (but with the changes to '.github/workflows/smoke-tests.sh removed) + ./CVE-2023-38471-2.patch # CVE-2023-38469 # https://github.com/lathiat/avahi/pull/500 merged Oct 25 # (but with the changes to '.github/workflows/smoke-tests.sh removed) |