package/lldpd/0001-daemon-fix-read-overflow-when-parsing-CDP-addresses.patch - buildroot - Git at Google

 From a9aeabdf879c25c584852a0bb5523837632f099b Mon Sep 17 00:00:00 2001
 From: Vincent Bernat <vincent@bernat.ch>
 Date: Wed, 12 Apr 2023 07:38:31 +0200
 Subject: [PATCH] daemon: fix read overflow when parsing CDP addresses

 Upstream: https://github.com/lldpd/lldpd/commit/a9aeabdf879c25c584852a0bb5523837632f099b
 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 ---
  NEWS                       | 4 ++++
  src/daemon/protocols/cdp.c | 1 +
  2 files changed, 5 insertions(+)

 diff --git a/src/daemon/protocols/cdp.c b/src/daemon/protocols/cdp.c
 index 8a1be863..42861c0e 100644
 --- a/src/daemon/protocols/cdp.c
 +++ b/src/daemon/protocols/cdp.c
 @@ -466,6 +466,7 @@ cdp_decode(struct lldpd *cfg, char *frame, int s, struct lldpd_hardware *hardwar
  					goto malformed;
  				}
  				PEEK_DISCARD(address_len);
 +				addresses_len -= address_len;
  				(void)PEEK_SAVE(pos_next_address);
  				/* Next, we go back and try to extract
  				   IPv4 address */
	From a9aeabdf879c25c584852a0bb5523837632f099b Mon Sep 17 00:00:00 2001
	From: Vincent Bernat <vincent@bernat.ch>
	Date: Wed, 12 Apr 2023 07:38:31 +0200
	Subject: [PATCH] daemon: fix read overflow when parsing CDP addresses

	Upstream: https://github.com/lldpd/lldpd/commit/a9aeabdf879c25c584852a0bb5523837632f099b
	Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
	---
	NEWS \| 4 ++++
	src/daemon/protocols/cdp.c \| 1 +
	2 files changed, 5 insertions(+)

	diff --git a/src/daemon/protocols/cdp.c b/src/daemon/protocols/cdp.c
	index 8a1be863..42861c0e 100644
	--- a/src/daemon/protocols/cdp.c
	+++ b/src/daemon/protocols/cdp.c
	@@ -466,6 +466,7 @@ cdp_decode(struct lldpd cfg, char frame, int s, struct lldpd_hardware *hardwar
	goto malformed;
	}
	PEEK_DISCARD(address_len);
	+ addresses_len -= address_len;
	(void)PEEK_SAVE(pos_next_address);
	/* Next, we go back and try to extract
	IPv4 address */