summaryrefslogtreecommitdiff
path: root/backport-CVE-2023-5156.patch
diff options
context:
space:
mode:
Diffstat (limited to 'backport-CVE-2023-5156.patch')
-rw-r--r--backport-CVE-2023-5156.patch29
1 files changed, 29 insertions, 0 deletions
diff --git a/backport-CVE-2023-5156.patch b/backport-CVE-2023-5156.patch
new file mode 100644
index 0000000..8702518
--- /dev/null
+++ b/backport-CVE-2023-5156.patch
@@ -0,0 +1,29 @@
+From ec6b95c3303c700eb89eebeda2d7264cc184a796 Mon Sep 17 00:00:00 2001
+From: Romain Geissler <romain.geissler@amadeus.com>
+Date: Mon, 25 Sep 2023 01:21:51 +0100
+Subject: [PATCH] Fix leak in getaddrinfo introduced by the fix for
+ CVE-2023-4806 [BZ #30843]
+
+This patch fixes a very recently added leak in getaddrinfo.
+
+Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
+
+---
+ sysdeps/posix/getaddrinfo.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
+index 614ee39f..b3321913 100644
+--- a/sysdeps/posix/getaddrinfo.c
++++ b/sysdeps/posix/getaddrinfo.c
+@@ -1160,6 +1160,7 @@ gaih_inet (const char *name, const struct gaih_service *service,
+
+ if (res.malloc_h_name){
+ free (res.h_name);
++ res.malloc_h_name = false;
+ }
+
+ return result;
+--
+2.23.0
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-30 02:06:20 +0000