SUSE:SLE-12-SP2:GA
git.2224
0012-CVE-2016-2324-path_name-overflow-fix.patch
File 0012-CVE-2016-2324-path_name-overflow-fix.patch of Package git.2224
---
 revision.c | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

--- a/revision.c
+++ b/revision.c
@@ -23,14 +23,20 @@ char *path_name(const struct name_path *
 {
 const struct name_path *p;
 char *n, *m;
- int nlen = strlen(name);
- int len = nlen + 1;
+ size_t nlen = strlen(name);
+ size_t len = nlen + 1;
+ if (len >= INT_MAX)
+ goto error;

 for (p = path; p; p = p->up) {
 if (p->elem_len)
 len += p->elem_len + 1;
+ if (len >= INT_MAX)
+ goto error;
 }
 n = xmalloc(len);
+ if (!n)
+ goto error;
 m = n + len - (nlen + 1);
 memcpy(m, name, nlen + 1);
 for (p = path; p; p = p->up) {
@@ -41,6 +47,14 @@ char *path_name(const struct name_path *
 }
 }
 return n;
+
+ error:
+ /* FIXME: better to return an error, but the caller of this function
+ * doesn't do any NULL-checks, so it's safer to exit forcibly
+ */
+ exit(1);
+
+ return NULL;
 }

 static int show_path_component_truncated(FILE *out, const char *name, int len)
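Review bot: The two `len >= INT_MAX` guards in the first loop only hold if `p->elem_len` is never negative, and nothing in this hunk checks that. The declaration of `struct name_path` is not shown here; if `elem_len` is a plain `int`, `p->elem_len + 1` is evaluated as `int` before it is widened, so a negative value converts to a very large `size_t` and can shrink `len` instead of growing it while still passing the guard. I would reject such an element before the addition, e.g. `if (p->elem_len < 0 || (size_t)p->elem_len >= INT_MAX - len) goto error;`, and then add with `len += (size_t)p->elem_len + 1;`. Separately, `if (!n) goto error;` is probably dead code, since git's `xmalloc` wrapper is expected to terminate on allocation failure rather than return NULL. The copy loop that consumes `len` starts on the last line of this hunk and continues outside it.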
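Review bot: The `error:` path ends in a bare `exit(1)` with no diagnostic, so an over-long path aborts the process without any message that an operator or a log monitor could tie to this check. If git's `die()` helper is in scope here (presumably it is, but the includes are not visible in this hunk), it would report the reason, e.g. `die("path_name: path length exceeds INT_MAX");`. The `return NULL;` after `exit(1)` is unreachable and can be dropped, or kept with a short comment saying it only silences a missing-return warning.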