rpms / autofs

Clone
Source Code
GIT

Blame SOURCES/autofs-5.1.8-fix-loop-under-run-in-cache_get_offset_parent.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c8-beta
  2.   SOURCES
  3.   autofs-5.1.8-fix-loop-under-run-in-cache_get_offset_parent.patch
Blob History Raw
f3080c 
autofs-5.1.8 - fix loop under run in cache_get_offset_parent()
f3080c
f3080c 
From: Frank Sorenson <sorenson@redhat.com>
f3080c
f3080c 
To avoid reading memory outside of the the string
f3080c 
allocated for parent, tail needs to stop when it
f3080c 
reaches or passes parent, even if it doesn't
f3080c 
actually equal parent.
f3080c
f3080c 
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
f3080c 
---
f3080c 
 CHANGELOG   |    1 +
f3080c 
 lib/cache.c |    2 +-
f3080c 
 2 files changed, 2 insertions(+), 1 deletion(-)
f3080c
f3080c 
--- autofs-5.1.4.orig/CHANGELOG
f3080c 
+++ autofs-5.1.4/CHANGELOG
f3080c 
@@ -86,6 +86,7 @@
f3080c 
 - fix root offset error handling.
f3080c 
 - fix nonstrict fail handling of last offset mount.
f3080c 
 - dont fail on duplicate offset entry tree add.
f3080c 
+- fix loop under run in cache_get_offset_parent().
f3080c
f3080c 
 xx/xx/2018 autofs-5.1.5
f3080c 
 - fix flag file permission.
f3080c 
--- autofs-5.1.4.orig/lib/cache.c
f3080c 
+++ autofs-5.1.4/lib/cache.c
f3080c 
@@ -680,7 +680,7 @@ struct mapent *cache_get_offset_parent(s
f3080c 
 		*tail = 0;
f3080c
f3080c 
 		tail--;
f3080c 
-		if (tail == parent)
f3080c 
+		if (tail <= parent)
f3080c 
 			break;
f3080c
f3080c 
 		me = cache_lookup_distinct(mc, parent);

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation