openslp: Fix CVE-2016-4912

2018-01-07 04:25:00 +08:00 · 2018-01-07 04:25:00 +08:00 · 1aca02b51e
commit 1aca02b51e
parent 45f6d97e6e
2 changed files with 12 additions and 0 deletions
--- a/pkgs/development/libraries/openslp/CVE-2016-4912.patch
+++ b/pkgs/development/libraries/openslp/CVE-2016-4912.patch
@ -0,0 +1,11 @@
+--- a/common/slp_xmalloc.c
+++ b/common/slp_xmalloc.c
+@@ -206,7 +206,7 @@ void * _xrealloc(const char * file, int line, void * ptr, size_t size)
+          if (newptr == 0)
+             return 0;
+          memcpy(newptr, ptr, x->size);
+-         _xfree(file, line, x);
+         _xfree(file, line, ptr);
+       }
+       return newptr;
+    }
--- a/pkgs/development/libraries/openslp/default.nix
+++ b/pkgs/development/libraries/openslp/default.nix
@ -19,6 +19,7 @@ stdenv.mkDerivation {
      url = "https://src.fedoraproject.org/cgit/rpms/openslp.git/plain/openslp-2.0.0-cve-2016-7567.patch";
      sha256 = "0zp61axx93b7nrbsyhn2x4dnw7n9y6g4rys21hyqxk4khrnc2yr9";
    })
+    ./CVE-2016-4912.patch
  ];

  meta = with stdenv.lib; {