rpms / file

Clone
Source Code
GIT

Blame SOURCES/file-5.33-CVE-2018-10360.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c7-ppc64le c8 c8-beta c8s c9 c9-beta
  1.   7d43850ac25e1386737302d33cf519d6003eefec
  2.   SOURCES
  3.   file-5.33-CVE-2018-10360.patch
Blob History Raw
dfeaf0 
From 8616080aecf07436e80a27f68c336382c1d1c22d Mon Sep 17 00:00:00 2001
dfeaf0 
From: Christos Zoulas <christos@zoulas.com>
dfeaf0 
Date: Sat, 9 Jun 2018 16:00:06 +0000
dfeaf0 
Subject: [PATCH] Avoid reading past the end of buffer (Rui Reis)
dfeaf0
dfeaf0 
Upstream-commit: a642587a9c9e2dd7feacdf513c3643ce26ad3c22
dfeaf0 
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
dfeaf0 
---
dfeaf0 
 src/readelf.c | 3 ++-
dfeaf0 
 1 file changed, 2 insertions(+), 1 deletion(-)
dfeaf0
dfeaf0 
diff --git a/src/readelf.c b/src/readelf.c
dfeaf0 
index 3df0836..d96a538 100644
dfeaf0 
--- a/src/readelf.c
dfeaf0 
+++ b/src/readelf.c
dfeaf0 
@@ -825,7 +825,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type,
dfeaf0
dfeaf0 
 				cname = (unsigned char *)
dfeaf0 
 				    &nbuf[doff + prpsoffsets(i)];
dfeaf0 
-				for (cp = cname; *cp && isprint(*cp); cp++)
dfeaf0 
+				for (cp = cname; cp < nbuf + size && *cp
dfeaf0 
+				    && isprint(*cp); cp++)
dfeaf0 
 					continue;
dfeaf0 
 				/*
dfeaf0 
 				 * Linux apparently appends a space at the end
dfeaf0 
--
dfeaf0 
2.14.4
dfeaf0

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation