From 7f561b97c3148e3b87fa217eb9a5f3a1186db1cd Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Sun, 26 Aug 2018 21:03:28 -0700
Subject: [PATCH] ldns: Fix two CVEs

CVE-2017-1000231 and CVE-2017-1000232.

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
---
 libs/ldns/Makefile                           |  4 +--
 libs/ldns/patches/100-CVE-2017-1000231.patch | 28 ++++++++++++++++++
 libs/ldns/patches/101-CVE-2017-1000232.patch | 30 ++++++++++++++++++++
 3 files changed, 60 insertions(+), 2 deletions(-)
 create mode 100644 libs/ldns/patches/100-CVE-2017-1000231.patch
 create mode 100644 libs/ldns/patches/101-CVE-2017-1000232.patch

diff --git a/libs/ldns/Makefile b/libs/ldns/Makefile
index d2751c0d3b..845bfff40b 100644
--- a/libs/ldns/Makefile
+++ b/libs/ldns/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ldns
 PKG_VERSION:=1.7.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=http://www.nlnetlabs.nl/downloads/ldns
@@ -17,7 +17,7 @@ PKG_HASH:=c19f5b1b4fb374cfe34f4845ea11b1e0551ddc67803bd6ddd5d2a20f0997a6cc
 
 PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE
-PKG_MAINTAINER:=Nicolas Thill <nico@openwrt.org>
+PKG_MAINTAINER:=
 
 PKG_FIXUP:=autoreconf
 PKG_INSTALL:=1
diff --git a/libs/ldns/patches/100-CVE-2017-1000231.patch b/libs/ldns/patches/100-CVE-2017-1000231.patch
new file mode 100644
index 0000000000..2c2abe8a4f
--- /dev/null
+++ b/libs/ldns/patches/100-CVE-2017-1000231.patch
@@ -0,0 +1,28 @@
+From c8391790c96d4c8a2c10f9ab1460fda83b509fc2 Mon Sep 17 00:00:00 2001
+From: Willem Toorop <willem@nlnetlabs.nl>
+Date: Thu, 27 Apr 2017 00:14:58 +0200
+Subject: [PATCH] Check parse limit before t increment
+
+Thanks Stephan Zeisberg
+---
+ parse.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/parse.c b/parse.c
+index e68627c..947dbb8 100644
+--- a/parse.c
++++ b/parse.c
+@@ -118,6 +118,10 @@ ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *li
+ 			if (line_nr) {
+ 				*line_nr = *line_nr + 1;
+ 			}
++			if (limit > 0 && (i >= limit || (size_t)(t-token) >= limit)) {
++				*t = '\0';
++				return -1;
++			}
+ 			*t++ = ' ';
+ 			prev_c = c;
+ 			continue;
+-- 
+2.9.5
+
diff --git a/libs/ldns/patches/101-CVE-2017-1000232.patch b/libs/ldns/patches/101-CVE-2017-1000232.patch
new file mode 100644
index 0000000000..25be44dc53
--- /dev/null
+++ b/libs/ldns/patches/101-CVE-2017-1000232.patch
@@ -0,0 +1,30 @@
+From 3bdeed02505c9bbacb3b64a97ddcb1de967153b7 Mon Sep 17 00:00:00 2001
+From: Willem Toorop <willem@nlnetlabs.nl>
+Date: Thu, 27 Apr 2017 00:25:20 +0200
+Subject: [PATCH] bugfix #1257: Free after reallocing to 0 size
+
+Thanks Stephan Zeisberg
+---
+ str2host.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/str2host.c b/str2host.c
+index b274b17..f2a317b 100644
+--- a/str2host.c
++++ b/str2host.c
+@@ -1525,8 +1525,10 @@ ldns_str2rdf_long_str(ldns_rdf **rd, const char *str)
+ 	if (! str) {
+ 		return LDNS_STATUS_SYNTAX_BAD_ESCAPE;
+ 	}
+-	length = (size_t)(dp - data);
+-
++	if (!(length = (size_t)(dp - data))) {
++		LDNS_FREE(data);
++		return LDNS_STATUS_SYNTAX_EMPTY;
++	}
+ 	/* Lose the overmeasure */
+ 	data = LDNS_XREALLOC(dp = data, uint8_t, length);
+ 	if (! data) {
+-- 
+2.9.5
+
-- 
2.30.2