diff options
Diffstat (limited to 'dev-python/hiredis/files/hiredis-2.0.0-CVE-2021-32765.patch')
-rw-r--r-- | dev-python/hiredis/files/hiredis-2.0.0-CVE-2021-32765.patch | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/dev-python/hiredis/files/hiredis-2.0.0-CVE-2021-32765.patch b/dev-python/hiredis/files/hiredis-2.0.0-CVE-2021-32765.patch new file mode 100644 index 000000000000..ad1bb80ac0de --- /dev/null +++ b/dev-python/hiredis/files/hiredis-2.0.0-CVE-2021-32765.patch @@ -0,0 +1,36 @@ +--- a/vendor/hiredis/alloc.c ++++ b/vendor/hiredis/alloc.c +@@ -68,6 +68,10 @@ void *hi_malloc(size_t size) { + } + + void *hi_calloc(size_t nmemb, size_t size) { ++ /* Overflow check as the user can specify any arbitrary allocator */ ++ if (SIZE_MAX / size < nmemb) ++ return NULL; ++ + return hiredisAllocFns.callocFn(nmemb, size); + } + +diff --git a/alloc.h b/alloc.h +index 34a05f4..771f9fe 100644 +--- a/vendor/hiredis/alloc.h ++++ b/vendor/hiredis/alloc.h +@@ -32,6 +32,7 @@ + #define HIREDIS_ALLOC_H + + #include <stddef.h> /* for size_t */ ++#include <stdint.h> + + #ifdef __cplusplus + extern "C" { +@@ -59,6 +60,10 @@ static inline void *hi_malloc(size_t size) { + } + + static inline void *hi_calloc(size_t nmemb, size_t size) { ++ /* Overflow check as the user can specify any arbitrary allocator */ ++ if (SIZE_MAX / size < nmemb) ++ return NULL; ++ + return hiredisAllocFns.callocFn(nmemb, size); + } + |