diff options
| author | Thiago Macieira <thiago.macieira@intel.com> | 2023-05-11 21:40:15 -0700 |
|---|---|---|
| committer | Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> | 2023-05-16 04:12:42 +0000 |
| commit | 55aee8697512af105dfefabc1e2ec41d4df1e45e (patch) | |
| tree | 2c23d8e481a8f988c8f65f097ba3e512f8fffa07 /examples/opengl/pbuffers/glwidget.cpp | |
| parent | b90c9b8655343d92e381a3004ec1f567d9905619 (diff) | |
| download | qtbase-6.5.1.tar.gz | |
QDnsLookup/Unix: make sure we don't overflow the buffer6.5.1
The DNS Records are variable length and encode their size in 16 bits
before the Record Data (RDATA). Ensure that both the RDATA and the
Record header fields before it fall inside the buffer we have.
Additionally reject any replies containing more than one query records.
[ChangeLog][QtNetwork][QDnsLookup] Fixed a bug that could cause a buffer
overflow in Unix systems while parsing corrupt, malicious, or truncated
replies.
Change-Id: I3e3bfef633af4130a03afffd175e4b9547654b95
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
(cherry picked from commit 7dba2c87619d558a61a30eb30cc1d9c3fe6df94c)
Reviewed-by: Daniel Smith <Daniel.Smith@qt.io>
(cherry picked from commit a2dc11b37fd71f785c342c40549f54edfdd1a6f8)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
Diffstat (limited to 'examples/opengl/pbuffers/glwidget.cpp')
0 files changed, 0 insertions, 0 deletions