Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
libxml2.1804
libxml2-2.9.1-CVE-2015-7497.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libxml2-2.9.1-CVE-2015-7497.patch of Package libxml2.1804
From 6360a31a84efe69d155ed96306b9a931a40beab9 Mon Sep 17 00:00:00 2001 From: David Drysdale <drysdale@google.com> Date: Fri, 20 Nov 2015 10:47:12 +0800 Subject: CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey For https://bugzilla.gnome.org/show_bug.cgi?id=756528 It was possible to hit a negative offset in the name indexing used to randomize the dictionary key generation Reported and fix provided by David Drysdale @ Google --- dict.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/dict.c b/dict.c index 5f71d55..8c8f931 100644 --- a/dict.c +++ b/dict.c @@ -486,7 +486,10 @@ xmlDictComputeFastQKey(const xmlChar *prefix, int plen, value += 30 * (*prefix); if (len > 10) { - value += name[len - (plen + 1 + 1)]; + int offset = len - (plen + 1 + 1); + if (offset < 0) + offset = len - (10 + 1); + value += name[offset]; len = 10; if (plen > 10) plen = 10; -- cgit v0.11.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor