summaryrefslogtreecommitdiffstats
path: root/debian/patches/0038-CVE-2022-38178.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/0038-CVE-2022-38178.patch')
-rw-r--r--debian/patches/0038-CVE-2022-38178.patch21
1 files changed, 21 insertions, 0 deletions
diff --git a/debian/patches/0038-CVE-2022-38178.patch b/debian/patches/0038-CVE-2022-38178.patch
new file mode 100644
index 0000000..582104f
--- /dev/null
+++ b/debian/patches/0038-CVE-2022-38178.patch
@@ -0,0 +1,21 @@
+From 1af23378ebb11da2eb0f412e4563d6c4165fbd3d Mon Sep 17 00:00:00 2001
+From: Mark Andrews <marka@isc.org>
+Date: Thu, 11 Aug 2022 15:28:13 +1000
+Subject: [PATCH] Free ctx on invalid siglen
+
+(cherry picked from commit 6ddb480a84836641a0711768a94122972c166825)
+---
+ lib/dns/openssleddsa_link.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/lib/dns/openssleddsa_link.c
++++ b/lib/dns/openssleddsa_link.c
+@@ -325,7 +325,7 @@ openssleddsa_verify(dst_context_t *dctx,
+ siglen = DNS_SIG_ED448SIZE;
+
+ if (sig->length != siglen)
+- return (DST_R_VERIFYFAILURE);
++ DST_RET(DST_R_VERIFYFAILURE);
+
+ isc_buffer_usedregion(buf, &tbsreg);
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-23 21:09:00 +0000