Package: 8.1.1+dfsg1-1.1

Hello,

I have attached my patch to address CVE-2025-49112.

To create this fix, I referred to the official upstream patch, and I can confirm that it is working correctly. I have built and tested it successfully on trixie/ppc64el.

Thanks Trupti.
From 0b2378f76f978c3cebd54ff8a2eb542b2e6d866c Mon Sep 17 00:00:00 2001
From: Trupti Shirsat <[email protected]>
Date: Thu, 12 Jun 2025 10:36:12 +0000
Subject: [PATCH] CVE-2025-49112

---
 src/networking.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/networking.c b/src/networking.c
index 8d0af29..0b54308 100644
--- a/src/networking.c
+++ b/src/networking.c
@@ -859,7 +859,7 @@ void setDeferredReply(client *c, void *node, const char *s, size_t length) {
      * - It has enough room already allocated
      * - And not too large (avoid large memmove)
      * - And the client is not in a pending I/O state */
-    if (ln->prev != NULL && (prev = listNodeValue(ln->prev)) && prev->size - prev->used > 0 &&
+    if (ln->prev != NULL && (prev = listNodeValue(ln->prev)) && prev->used < prev->size &&
         c->io_write_state != CLIENT_PENDING_IO) {
         size_t len_to_copy = prev->size - prev->used;
         if (len_to_copy > length) len_to_copy = length;
-- 
2.47.2

Reply via email to