generic-library/libupnp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1a60aeb958
libupnp/upnp
History
Marcelo Roberto Jimenez 2bb79879b7 Security fix for CERT issue VU#922681 
This patch addresses three possible buffer overflows in function
unique_service_name(). The three issues have the folowing CVE
numbers:

CVE-2012-5958 Issue #2: Stack buffer overflow of Tempbuf
CVE-2012-5959 Issue #4: Stack buffer overflow of Event->UDN
CVE-2012-5960 Issue #8: Stack buffer overflow of Event->UDN

Notice that the following issues have already been dealt by previous
work:

CVE-2012-5961 Issue #1: Stack buffer overflow of Evt->UDN
CVE-2012-5962 Issue #3: Stack buffer overflow of Evt->DeviceType
CVE-2012-5963 Issue #5: Stack buffer overflow of Event->UDN
CVE-2012-5964 Issue #6: Stack buffer overflow of Event->DeviceType
CVE-2012-5965 Issue #7: Stack buffer overflow of Event->DeviceType
(cherry picked from commit f015a132e8)
2012-12-06 15:46:09 -02:00
..
doc Include prebuilt documentation (html,pdf), dropping doc++ dependancy. 2006-07-06 12:37:29 +00:00
inc Updated parameter to UpnpAcceptSubscriptionExt to a 'const' declaration, this aligns with UpnpAcceptSubscription 2012-07-11 23:18:23 +02:00
m4 Remove excessive 'dnl's from libupnp.m4. 2010-06-26 11:09:06 +00:00
sample Fix problems detected as dead assignment warning by clang scan-build. 2012-04-24 14:21:47 -03:00
src Security fix for CERT issue VU#922681 2012-12-06 15:46:09 -02:00
test Merge of Mac OS X patch from Stéphane Corthésy (davelopper), 2007-08-06 02:07:41 +00:00
unittest .gitignore for unittest/templates/*.pp.c. 2010-10-21 00:52:09 -02:00
LICENSE Removing unnecessary additional directory level. 2006-07-04 02:44:17 +00:00
Makefile.am Add --disable-optssdp option 2012-03-15 11:49:00 -03:00