aa207cf3a6d68f39d64cd29057a4fb63943e9078 - 3rdparty/u-boot

commit	aa207cf3a6d68f39d64cd29057a4fb63943e9078	[log] [tgz]
author	liucheng (G) <liucheng32@huawei.com>	Thu Aug 29 13:47:48 2019 +0000
committer	Joe Hershberger <joe.hershberger@ni.com>	Wed Sep 04 11:37:19 2019 -0500
tree	25c1197dff0ca99de4c920efac3e92cf2e955245
parent	741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21 [diff]

CVE-2019-14194/CVE-2019-14198: nfs: fix unbounded memcpy with a failed length check at nfs_read_reply

This patch adds a check to rpc_pkt.u.reply.data at nfs_read_reply.

Signed-off-by: Cheng Liu <liucheng32@huawei.com>
Reported-by: Fermín Serna <fermin@semmle.com>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>

net/nfs.c[diff]

1 file changed

tree: 25c1197dff0ca99de4c920efac3e92cf2e955245