Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
curl.28253
curl-CVE-2016-8617.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File curl-CVE-2016-8617.patch of Package curl.28253
From 32ae8ba41b5dbf26dabe884ac4aa12597d1d96b9 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg <daniel@haxx.se> Date: Wed, 28 Sep 2016 00:05:12 +0200 Subject: [PATCH] base64: check for integer overflow on large input --- lib/base64.c | 5 +++++ 1 file changed, 5 insertions(+) Index: curl-7.37.0/lib/base64.c =================================================================== --- curl-7.37.0.orig/lib/base64.c 2014-04-25 14:01:03.000000000 +0200 +++ curl-7.37.0/lib/base64.c 2016-10-20 15:05:39.902762057 +0200 @@ -205,6 +205,11 @@ CURLcode Curl_base64_encode(struct Sessi if(0 == insize) insize = strlen(indata); +#if SIZEOF_SIZE_T == 4 + if(insize > UINT_MAX/4) + return CURLE_OUT_OF_MEMORY; +#endif + base64data = output = malloc(insize*4/3+4); if(NULL == output) return CURLE_OUT_OF_MEMORY;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor