rpms / autofs

Clone
Source Code
GIT

Blame SOURCES/autofs-5.1.8-fix-loop-under-run-in-cache_get_offset_parent.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c8
  2.   SOURCES
  3.   autofs-5.1.8-fix-loop-under-run-in-cache_get_offset_parent.patch
Blob History Raw
b07c2e 
autofs-5.1.8 - fix loop under run in cache_get_offset_parent()
b07c2e
b07c2e 
From: Frank Sorenson <sorenson@redhat.com>
b07c2e
b07c2e 
To avoid reading memory outside of the the string
b07c2e 
allocated for parent, tail needs to stop when it
b07c2e 
reaches or passes parent, even if it doesn't
b07c2e 
actually equal parent.
b07c2e
b07c2e 
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
b07c2e 
---
b07c2e 
 CHANGELOG   |    1 +
b07c2e 
 lib/cache.c |    2 +-
b07c2e 
 2 files changed, 2 insertions(+), 1 deletion(-)
b07c2e
b07c2e 
--- autofs-5.1.4.orig/CHANGELOG
b07c2e 
+++ autofs-5.1.4/CHANGELOG
b07c2e 
@@ -86,6 +86,7 @@
b07c2e 
 - fix root offset error handling.
b07c2e 
 - fix nonstrict fail handling of last offset mount.
b07c2e 
 - dont fail on duplicate offset entry tree add.
b07c2e 
+- fix loop under run in cache_get_offset_parent().
b07c2e
b07c2e 
 xx/xx/2018 autofs-5.1.5
b07c2e 
 - fix flag file permission.
b07c2e 
--- autofs-5.1.4.orig/lib/cache.c
b07c2e 
+++ autofs-5.1.4/lib/cache.c
b07c2e 
@@ -680,7 +680,7 @@ struct mapent *cache_get_offset_parent(s
b07c2e 
 		*tail = 0;
b07c2e
b07c2e 
 		tail--;
b07c2e 
-		if (tail == parent)
b07c2e 
+		if (tail <= parent)
b07c2e 
 			break;
b07c2e
b07c2e 
 		me = cache_lookup_distinct(mc, parent);

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation