HomeFreeBSD
Diffusion FreeBSD src repository a8d0ba483332

libnv: allocate buffer in a safe way
a8d0ba483332
Actions

Description

libnv: allocate buffer in a safe way

Ensure that the calculation of size of array doesn't
overflow.

Security: FreeBSD-24:09.libnv
Security: CVE-2024-45287
Security: CAP-02
Reported by: Synacktiv
Reported by: Taylor R Campbell (NetBSD)
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46131

(cherry picked from commit 36fa90dbde0060aacb5677d0b113ee168e839071)
(cherry picked from commit 2e7f9244ebefe019ef016a3a5b47c4562850d1c2)

Approved by: so
Approved by: re (cperciva)

Details

Provenance
oshogboAuthored on Aug 26 2024, 6:10 PM
emasteCommitted on Wed, Sep 4, 7:10 PM
Differential Revision
Restricted Differential Revision
Parents
rG73da0e55aa90: 13.4: Update to RC2
Branches
Unknown
Tags
Unknown

Changes (2)

PathSize
sys/
contrib/
libnv/

rGa8d0ba483332

View Options

sys/contrib/libnv/bsd_nvpair.c

Loading...
View Options

sys/contrib/libnv/nvlist.c

Loading...