rpms / wget

Clone
Source Code
GIT

Blame SOURCES/wget-1.14-CVE-2017-13090.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8-init-modify c8s c9 c9-beta
  1.   87e294a910010e9c49308333ae3245c304f1e6d3
  2.   SOURCES
  3.   wget-1.14-CVE-2017-13090.patch
Blob History Raw
87e294 
@@ -, +, @@
87e294 
 (CVE-2017-13090)
87e294 
---
87e294 
 src/retr.c | 6 ++++++
87e294 
 1 file changed, 6 insertions(+)
87e294 
--- a/src/retr.c
87e294 
+++ a/src/retr.c
87e294 
@@ -378,6 +378,12 @@ fd_read_body (const char *downloaded_filename, int fd, FILE *out, wgint toread,
87e294 
               remaining_chunk_size = strtol (line, &endl, 16);
87e294 
               xfree (line);
87e294
87e294 
+              if (remaining_chunk_size < 0)
87e294 
+                {
87e294 
+                  ret = -1;
87e294 
+                  break;
87e294 
+                }
87e294 
+
87e294 
               if (remaining_chunk_size == 0)
87e294 
                 {
87e294 
                   ret = 0;
87e294 
--

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation