Blame SOURCES/wget-1.14-CVE-2017-13090.patch

87e294
@@ -, +, @@ 
87e294
 (CVE-2017-13090)
87e294
---
87e294
 src/retr.c | 6 ++++++
87e294
 1 file changed, 6 insertions(+)
87e294
--- a/src/retr.c	
87e294
+++ a/src/retr.c	
87e294
@@ -378,6 +378,12 @@ fd_read_body (const char *downloaded_filename, int fd, FILE *out, wgint toread,
87e294
               remaining_chunk_size = strtol (line, &endl, 16);
87e294
               xfree (line);
87e294
 
87e294
+              if (remaining_chunk_size < 0)
87e294
+                {
87e294
+                  ret = -1;
87e294
+                  break;
87e294
+                }
87e294
+
87e294
               if (remaining_chunk_size == 0)
87e294
                 {
87e294
                   ret = 0;
87e294
--