rpms / python-subprocess32

Clone
Source Code
GIT

Blame SOURCES/fix-heap-overflow.patch

c7 c7-alt c7-beta
  1.   c7
  2.   SOURCES
  3.   fix-heap-overflow.patch
Blob History Raw
546232 
diff -ru subprocess32-3.2.6/_posixsubprocess_helpers.c subprocess32-3.2.6_patched/_posixsubprocess_helpers.c
546232 
--- subprocess32-3.2.6/_posixsubprocess_helpers.c	2012-06-09 08:31:40.000000000 +0200
546232 
+++ subprocess32-3.2.6_patched/_posixsubprocess_helpers.c	2018-08-22 16:38:07.485734481 +0200
546232 
@@ -110,6 +110,12 @@
546232 
     if (argc == -1)
546232 
         return NULL;
546232
546232 
+    /* Avoid 32-bit overflows to malloc() from unreasonable values. */
546232 
+    if (argc > 0x10000000) {
546232 
+        PyErr_NoMemory();
546232 
+        return NULL;
546232 
+    }
546232 
+
546232 
     array = malloc((argc + 1) * sizeof(char *));
546232 
     if (array == NULL) {
546232 
         PyErr_NoMemory();

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation