File 0003-Fix-possible-use-after-free-when-calling-compileBrai.patch of Package python-louis
From af5791ea792acc0a9707738001aa1df3daff7a66 Mon Sep 17 00:00:00 2001 From: Mike Gorse <mgorse@suse.com> Date: Wed, 30 Aug 2017 15:13:09 -0500 Subject: [PATCH 3/4] Fix possible use after free when calling compileBrailleIndicator CompileBrailleIndicator calls addRule, which may realloc the table header, so it is unsafe to pass an out parameter under the assumption that the value of table will not change. Fixes CVE-2017-13741. --- liblouis/compileTranslationTable.c | 89 ++++++++++++++++++++++++++++---------- 1 file changed, 67 insertions(+), 22 deletions(-) diff -urp liblouis-2.6.4.orig/liblouis/compileTranslationTable.c liblouis-2.6.4/liblouis/compileTranslationTable.c --- liblouis-2.6.4.orig/liblouis/compileTranslationTable.c 2017-09-06 16:08:02.942792868 -0500 +++ liblouis-2.6.4/liblouis/compileTranslationTable.c 2017-09-06 17:26:02.312481694 -0500 @@ -3817,6 +3817,7 @@ compileRule (FileInfo * nested) TranslationTableCharacterAttributes after = 0; TranslationTableCharacterAttributes before = 0; int k; + TranslationTableOffset tmp_offset; noback = nofor = 0; doOpcode: 
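Review bot: `tmp_offset` is declared without an initialiser at the top of compileRule and is shared by every case of the switch, so a case added later that forgets the `tmp_offset = table->field;` pre-load would copy an indeterminate value into the table header. Declaring it as `TranslationTableOffset tmp_offset = 0;`, or declaring it inside each case block, keeps that mistake from becoming a read of uninitialised memory. compileRule starts and ends outside this hunk, so any use of the variable beyond the cases shown in the later hunks was not checked.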
@@ -3849,54 +3850,70 @@ doOpcode: case CTO_Locale: break; case CTO_Undefined: + tmp_offset = table->undefined; ok = compileBrailleIndicator (nested, "undefined character opcode", - CTO_Undefined, &table->undefined); + CTO_Undefined, &tmp_offset); + table->undefined = tmp_offset; break; case CTO_CapitalSign: + tmp_offset = table->capitalSign; ok = compileBrailleIndicator (nested, "capital sign", CTO_CapitalRule, - &table->capitalSign); + &tmp_offset); + table->capitalSign = tmp_offset; break; case CTO_BeginCapitalSign: + tmp_offset = table->beginCapitalSign; ok = compileBrailleIndicator (nested, "begin capital sign", CTO_BeginCapitalRule, - &table->beginCapitalSign); + &tmp_offset); + table->beginCapitalSign = tmp_offset; break; case CTO_LenBegcaps: ok = table->lenBeginCaps = compileNumber (nested); break; case CTO_EndCapitalSign: + tmp_offset = table->endCapitalSign; ok = compileBrailleIndicator (nested, "end capitals sign", - CTO_EndCapitalRule, &table->endCapitalSign); + CTO_EndCapitalRule, &tmp_offset); + table->endCapitalSign = tmp_offset; break; case CTO_FirstWordCaps: + tmp_offset = table->firstWordCaps; ok = compileBrailleIndicator (nested, "first word capital sign", CTO_FirstWordCapsRule, - &table->firstWordCaps); + &tmp_offset); + table->firstWordCaps = tmp_offset; break; case CTO_LastWordCapsBefore: + tmp_offset = table->lastWordCapsBefore; ok = compileBrailleIndicator (nested, "capital sign before last word", CTO_LastWordCapsBeforeRule, - &table->lastWordCapsBefore); + &tmp_offset); + table->lastWordCapsBefore = tmp_offset; break; case CTO_LastWordCapsAfter: + tmp_offset = table->lastWordCapsAfter; ok = compileBrailleIndicator (nested, "capital sign after last word", CTO_LastWordCapsAfterRule, - &table->lastWordCapsAfter); + &tmp_offset); + table->lastWordCapsAfter = tmp_offset; break; case CTO_LenCapsPhrase: ok = table->lenCapsPhrase = compileNumber (nested); break; case CTO_LetterSign: + tmp_offset = table->letterSign; ok = compileBrailleIndicator 
(nested, "letter sign", CTO_LetterRule, - &table->letterSign); + &tmp_offset); + table->letterSign = tmp_offset; break; case CTO_NoLetsignBefore: if (getRuleCharsText (nested, &ruleChars)) 
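Review bot: The copy-in / call / copy-out sequence is written out by hand for each of the eight indicator opcodes in this hunk and again for the 24 in the hunk that follows, and nothing at the call sites says why `&table->field` must not be passed. Per the commit message the callee can reach addRule, which may realloc the table header, so the store has to go through `table` as re-read after the call. That reasoning belongs in a comment next to the code, because a later opcode written the old way compiles cleanly and brings the use after free back. Folding the three statements into one helper, as sketched below, keeps the comment and the pattern in a single place; the pre-load of the current field value is kept so the field is unchanged when the callee does not write its out parameter. compileBrailleIndicator's body is outside this hunk, so the sketch assumes only the call shape visible here.

```c
/* compileBrailleIndicator() can reach addRule(), which may realloc the table
 * header.  Stage the result in a local and store it through `table` only
 * after the call, when `table` holds the current address. */
#define COMPILE_INDICATOR(msg, opcode, field) \
  do \
    { \
      TranslationTableOffset staged_ = table->field; \
      ok = compileBrailleIndicator (nested, (msg), (opcode), &staged_); \
      table->field = staged_; \
    } \
  while (0)

    case CTO_CapitalSign:
      COMPILE_INDICATOR ("capital sign", CTO_CapitalRule, capitalSign);
      break;
    /* … unchanged: remaining indicator cases, converted the same way … */
```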
@@ -3940,160 +3957,208 @@ doOpcode: } break; case CTO_NumberSign: + tmp_offset = table->numberSign; ok = compileBrailleIndicator (nested, "number sign", CTO_NumberRule, - &table->numberSign); + &tmp_offset); + table->numberSign = tmp_offset; break; case CTO_FirstWordItal: + tmp_offset = table->firstWordItal; ok = compileBrailleIndicator (nested, "first word italic", CTO_FirstWordItalRule, - &table->firstWordItal); + &tmp_offset); + table->firstWordItal = tmp_offset; break; case CTO_ItalSign: case CTO_LastWordItalBefore: + tmp_offset = table->lastWordItalBefore; ok = compileBrailleIndicator (nested, "first word italic before", CTO_LastWordItalBeforeRule, - &table->lastWordItalBefore); + &tmp_offset); + table->lastWordItalBefore = tmp_offset; break; case CTO_LastWordItalAfter: + tmp_offset = table->lastWordItalAfter; ok = compileBrailleIndicator (nested, "last word italic after", CTO_LastWordItalAfterRule, - &table->lastWordItalAfter); + &tmp_offset); + table->lastWordItalAfter = tmp_offset; break; case CTO_BegItal: case CTO_FirstLetterItal: + tmp_offset = table->firstLetterItal; ok = compileBrailleIndicator (nested, "first letter italic", CTO_FirstLetterItalRule, - &table->firstLetterItal); + &tmp_offset); + table->firstLetterItal = tmp_offset; break; case CTO_EndItal: case CTO_LastLetterItal: + tmp_offset = table->lastLetterItal; ok = compileBrailleIndicator (nested, "last letter italic", CTO_LastLetterItalRule, - &table->lastLetterItal); + &tmp_offset); + table->lastLetterItal = tmp_offset; break; case CTO_SingleLetterItal: + tmp_offset = table->singleLetterItal; ok = compileBrailleIndicator (nested, "single letter italic", CTO_SingleLetterItalRule, - &table->singleLetterItal); + &tmp_offset); + table->singleLetterItal = tmp_offset; break; case CTO_ItalWord: + tmp_offset = table->italWord; ok = compileBrailleIndicator (nested, "italic word", CTO_ItalWordRule, - &table->italWord); + &tmp_offset); + table->italWord = tmp_offset; break; case CTO_LenItalPhrase: ok = 
table->lenItalPhrase = compileNumber (nested); break; case CTO_FirstWordBold: + tmp_offset = table->firstWordBold; ok = compileBrailleIndicator (nested, "first word bold", CTO_FirstWordBoldRule, - &table->firstWordBold); + &tmp_offset); + table->firstWordBold = tmp_offset; break; case CTO_BoldSign: case CTO_LastWordBoldBefore: + tmp_offset = table->lastWordBoldBefore; ok = compileBrailleIndicator (nested, "last word bold before", CTO_LastWordBoldBeforeRule, - &table->lastWordBoldBefore); + &tmp_offset); + table->lastWordBoldBefore = tmp_offset; break; case CTO_LastWordBoldAfter: + tmp_offset = table->lastWordBoldAfter; ok = compileBrailleIndicator (nested, "last word bold after", CTO_LastWordBoldAfterRule, - &table->lastWordBoldAfter); + &tmp_offset); + table->lastWordBoldAfter = tmp_offset; break; case CTO_BegBold: case CTO_FirstLetterBold: + tmp_offset = table->firstLetterBold; ok = compileBrailleIndicator (nested, "first letter bold", CTO_FirstLetterBoldRule, - &table->firstLetterBold); + &tmp_offset); + table->firstLetterBold = tmp_offset; break; case CTO_EndBold: case CTO_LastLetterBold: + tmp_offset = table->lastLetterBold; ok = compileBrailleIndicator (nested, "last letter bold", CTO_LastLetterBoldRule, - &table->lastLetterBold); + &tmp_offset); + table->lastLetterBold = tmp_offset; break; case CTO_SingleLetterBold: + tmp_offset = table->singleLetterBold; ok = compileBrailleIndicator (nested, "single letter bold", CTO_SingleLetterBoldRule, - &table->singleLetterBold); + &tmp_offset); + table->singleLetterBold = tmp_offset; break; case CTO_BoldWord: + tmp_offset = table->boldWord; ok = compileBrailleIndicator (nested, "bold word", CTO_BoldWordRule, - &table->boldWord); + &tmp_offset); + table->boldWord = tmp_offset; break; case CTO_LenBoldPhrase: ok = table->lenBoldPhrase = compileNumber (nested); break; case CTO_FirstWordUnder: + tmp_offset = table->firstWordUnder; ok = compileBrailleIndicator (nested, "first word underline", CTO_FirstWordUnderRule, - 
&table->firstWordUnder); + &tmp_offset); + table->firstWordUnder = tmp_offset; break; case CTO_UnderSign: case CTO_LastWordUnderBefore: + tmp_offset = table->lastWordUnderBefore; ok = compileBrailleIndicator (nested, "last word underline before", CTO_LastWordUnderBeforeRule, - &table->lastWordUnderBefore); + &tmp_offset); + table->lastWordUnderBefore = tmp_offset; break; case CTO_LastWordUnderAfter: + tmp_offset = table->lastWordUnderAfter; ok = compileBrailleIndicator (nested, "last word underline after", CTO_LastWordUnderAfterRule, - &table->lastWordUnderAfter); + &tmp_offset); + table->lastWordUnderAfter = tmp_offset; break; case CTO_BegUnder: case CTO_FirstLetterUnder: + tmp_offset = table->firstLetterUnder; ok = compileBrailleIndicator (nested, "first letter underline", CTO_FirstLetterUnderRule, - &table->firstLetterUnder); + &tmp_offset); + table->firstLetterUnder = tmp_offset; break; case CTO_EndUnder: case CTO_LastLetterUnder: + tmp_offset = table->lastLetterUnder; ok = compileBrailleIndicator (nested, "last letter underline", CTO_LastLetterUnderRule, - &table->lastLetterUnder); + &tmp_offset); + table->lastLetterUnder = tmp_offset; break; case CTO_SingleLetterUnder: + tmp_offset = table->singleLetterUnder; ok = compileBrailleIndicator (nested, "single letter underline", CTO_SingleLetterUnderRule, - &table->singleLetterUnder); + &tmp_offset); + table->singleLetterUnder = tmp_offset; break; case CTO_UnderWord: + tmp_offset = table->underWord; ok = compileBrailleIndicator (nested, "underlined word", CTO_UnderWordRule, - &table->underWord); + &tmp_offset); + table->underWord = tmp_offset; break; case CTO_LenUnderPhrase: ok = table->lenUnderPhrase = compileNumber (nested); break; case CTO_BegComp: + tmp_offset = table->begComp; ok = compileBrailleIndicator (nested, "begin computer braille", - CTO_BegCompRule, &table->begComp); + CTO_BegCompRule, &tmp_offset); + table->begComp = tmp_offset; break; case CTO_EndComp: + tmp_offset = table->endComp; ok = 
compileBrailleIndicator (nested, "end computer braslle", - CTO_EndCompRule, &table->endComp); + CTO_EndCompRule, &tmp_offset); + table->endComp = tmp_offset; break; case CTO_Syllable: table->syllables = 1;
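Review bot: The `ok = table->lenItalPhrase = compileNumber (nested);` line, the matching lenBoldPhrase and lenUnderPhrase lines here, and the two `len…` lines in the previous hunk still name a field of `table` in the same expression as a call, which is the shape this commit removes for the indicator opcodes. C does not order the evaluation of the two sides of an assignment, so `table` may be read before compileNumber runs. This is safe only if compileNumber can never reach a path that reallocates the table, which presumably holds for a number parser but cannot be confirmed from this hunk. A comment on compileNumber stating that invariant, for example `/* must not grow the table: callers store the result directly into table fields */`, would keep a later change from reopening the same class of bug. Running the table compiler under AddressSanitizer or valgrind on a table that exercises these opcodes would check both that assumption and the fix itself.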