From a6bf443d7607a52cc7461071e028ea15a97d2418 Mon Sep 17 00:00:00 2001
From: liuzy518 <570407222@qq.com>
Date: Thu, 18 Feb 2021 15:53:43 +0800
Subject: [PATCH] bind:fix CVE-2020-8625

Signed-off-by: liuzy518 <570407222@qq.com>
(cherry picked from commit c4f74f3ee3354b7e395be66431debc993f187332)
---
 CVE-2020-8625.patch | 13 +++++++++++++
 bind.spec           | 10 +++++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2020-8625.patch

diff --git a/CVE-2020-8625.patch b/CVE-2020-8625.patch
new file mode 100644
index 0000000..454d17e
--- /dev/null
+++ b/CVE-2020-8625.patch
@@ -0,0 +1,13 @@
+diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
+index dea108bad05..13cf15d7404 100644
+--- a/lib/dns/spnego.c
++++ b/lib/dns/spnego.c
+@@ -877,7 +877,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) {
+ 		return (ASN1_OVERRUN);
+ 	}
+ 
+-	data->components = malloc(len * sizeof(*data->components));
++	data->components = malloc((len + 1) * sizeof(*data->components));
+ 	if (data->components == NULL) {
+ 		return (ENOMEM);
+ 	}
diff --git a/bind.spec b/bind.spec
index 68846b3..106879f 100644
--- a/bind.spec
+++ b/bind.spec
@@ -21,7 +21,7 @@ Name:           bind
 Summary:        Domain Name System (DNS) Server (named)
 License:        MPLv2.0
 Version:        9.11.21
-Release:        3
+Release:        4
 Epoch:          32
 Url:            http://www.isc.org/products/BIND/
 Source0:        https://ftp.isc.org/isc/bind9/9.11.21/bind-%{version}.tar.gz
@@ -170,6 +170,7 @@ Patch191: CVE-2020-8622.patch
 Patch192: CVE-2020-8623.patch
 Patch193: CVE-2020-8624.patch
 Patch194: Fix_the_difference_at_the_macro_definition_using_clock_gettime_instead_of_gettimeofda.patch
+Patch195: CVE-2020-8625.patch
 # SDB patches
 Patch11: bind-9.3.2b2-sdbsrc.patch
 Patch12: bind-9.10-sdb.patch
@@ -373,6 +374,7 @@ are used for building ISC DHCP.
 %patch192 -p1
 %patch193 -p1
 %patch194 -p1
+%patch195 -p1
 
 mkdir lib/dns/tests/testdata/dstrandom
 cp -a %{SOURCE29} lib/dns/tests/testdata/dstrandom/random.data
@@ -1186,6 +1188,12 @@ rm -rf ${RPM_BUILD_ROOT}
 
 
 %changelog
+* Thu Feb 18 2021 liulong <liulong20@huawei.com> - 9.11.21-4
+- Type:CVE
+- ID:NA
+- SUG:NA
+- DESC:fix CVE-2020-8625
+
 * Wed Dec 9 2020 hanzhijun <hanzhijun1@huawei.com> - 9.11.21-3
 - Type:bugfix
 - ID:NA
-- 
Gitee