Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:Update
python-louis
0002-resolveSubtable-Fix-buffer-overflow-parsin...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0002-resolveSubtable-Fix-buffer-overflow-parsing-a-malfor.patch of Package python-louis
From d8cfdf1ab64a4c9c6685efe45bc735f68dac618c Mon Sep 17 00:00:00 2001 From: Mike Gorse <mgorse@suse.com> Date: Wed, 30 Aug 2017 12:53:02 -0500 Subject: [PATCH 2/4] resolveSubtable: Fix buffer overflow parsing a malformed table The subtable's name can theoretically be up to MAXSTRING characters long. The base name is then copied into a buffer, and the subtable's name is appended, so we should allocate more than MAXSTRING bytes for the buffer. Fixes CVE-2017-13739, CVE-2017-13740, and CVE-2017-13742. --- diff -urp liblouis-2.6.4.orig/liblouis/compileTranslationTable.c liblouis-2.6.4/liblouis/compileTranslationTable.c --- liblouis-2.6.4.orig/liblouis/compileTranslationTable.c 2017-09-06 16:06:31.426391744 -0500 +++ liblouis-2.6.4/liblouis/compileTranslationTable.c 2017-09-06 16:07:30.870652352 -0500 @@ -4529,7 +4529,7 @@ resolveSubtable (const char *table, cons if (table == NULL || table[0] == '\0') return NULL; - tableFile = (char *) malloc (MAXSTRING * sizeof(char)); + tableFile = (char *) malloc (MAXSTRING * sizeof(char) * 2); // // First try to resolve against base
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor