Red Hat Bugzilla – Bug 170045
Buffer overflow in xsupplicant
Last modified: 2007-11-30 17:11:14 EST
(This seems to be something different from #167467.)
cardif_getframe () passes a too small buffer to recvfrom (). The attached
patch fixes this.
Version-Release number of selected component (if applicable):
Please send it upstream too.
Created attachment 119684 [details]
The promised patch
Created attachment 122386 [details]
The same patch, updated for 1.2.2
This seemes to be fixed in upstream CVS by just setting resultsize to 1520
instead of making the buffer larger.
Tom, I've got CVS access myself, shall I make a patch with upstreams fix,
include this in the spec, bump the release and push through a build?
Sure, go ahead.
This has been fixed in cvs and successfully build for FC-3, FC-4 and devel. The
fixed version should show up in the repos soon.