Telegram-iOS icon indicating copy to clipboard operation
Telegram-iOS copied to clipboard
Published 1 month ago verified publisher icon TelegramMessenger

evdns: name_parse(): fix remote stack overread

Open npt-1707 opened this issue 8 months ago • 1 comments

Description This PR added a bounds check before memcpy operation in name_parse() function to prevent potential out-of-bounds reads. This potential vulnerability was cloned from libevent and was fixed in libevent/libevent@96f64a0.

Reference: libevent/libevent@96f64a0 CVE-2016-10195

npt-1707 avatar Apr 14 '25 18:04 npt-1707

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar May 15 '25 08:05 CLAassistant