rpms / patch

Clone
Source Code
GIT

Blame SOURCES/patch-2.7.6-CVE-2018-17942.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   796689739dfe82f1ec1e19f3cec7a6c295319173
  2.   SOURCES
  3.   patch-2.7.6-CVE-2018-17942.patch
Blob History Raw
796689 
diff -up patch-2.7.6/lib/vasnprintf.c.me patch-2.7.6/lib/vasnprintf.c
796689 
--- patch-2.7.6/lib/vasnprintf.c.me	2018-11-26 14:02:03.401718842 +0100
796689 
+++ patch-2.7.6/lib/vasnprintf.c	2018-11-26 14:03:02.923913446 +0100
796689 
@@ -860,7 +860,9 @@ convert_to_decimal (mpn_t a, size_t extr
796689 
   size_t a_len = a.nlimbs;
796689 
   /* 0.03345 is slightly larger than log(2)/(9*log(10)).  */
796689 
   size_t c_len = 9 * ((size_t)(a_len * (GMP_LIMB_BITS * 0.03345f)) + 1);
796689 
-  char *c_ptr = (char *) malloc (xsum (c_len, extra_zeroes));
796689 
+  /* We need extra_zeroes bytes for zeroes, followed by c_len bytes for the
796689 
+     digits of a, followed by 1 byte for the terminating NUL.  */
796689 
+  char *c_ptr = (char *) malloc (xsum (xsum (extra_zeroes, c_len), 1));
796689 
   if (c_ptr != NULL)
796689 
     {
796689 
       char *d_ptr = c_ptr;

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation