From 86a708f14714227355524b2d55ac956c2c4baf64 Mon Sep 17 00:00:00 2001 From: Gordon Tetlow Date: Tue, 12 May 2020 16:54:39 +0000 Subject: [PATCH] Fix memory disclosure vulnerability in libalias. Approved by: so Approved by: re (implicit) Security: FreeBSD-SA-20:13.libalias Security: CVE-2020-7455 --- sys/netinet/libalias/alias_ftp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/netinet/libalias/alias_ftp.c b/sys/netinet/libalias/alias_ftp.c index ee93f4c5b14..f8e0a703345 100644 --- a/sys/netinet/libalias/alias_ftp.c +++ b/sys/netinet/libalias/alias_ftp.c @@ -754,7 +754,8 @@ NewFtpMessage(struct libalias *la, struct ip *pip, { u_short new_len; - new_len = htons(hlen + slen); + new_len = htons(hlen + + MIN(slen, maxpacketsize - hlen)); DifferentialChecksum(&pip->ip_sum, &new_len, &pip->ip_len, -- 2.45.0
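Review bot: the clamp in `new_len = htons(hlen + MIN(slen, maxpacketsize - hlen));` assumes `hlen <= maxpacketsize`, and nothing in this hunk establishes that. The hunk does not show the types of `hlen`, `slen` and `maxpacketsize`. If they are signed and `hlen` exceeds `maxpacketsize`, the difference is negative and `MIN` selects it, so the advertised length falls below the header length. If they are unsigned, the subtraction wraps and the clamp does nothing. Please confirm the bound is checked earlier in `NewFtpMessage()`, or check it explicitly before this line. It would also be cleaner to compute the clamped payload length once into a local and use that same value both for the copy into the packet and for `ip_len`, so the two cannot drift apart again. Finally, a short comment on this line, and a sentence in the commit message saying that an unclamped `slen` let `ip_len` cover bytes beyond the rewritten payload, would make the reason for the `MIN` clear to later readers.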