Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
unzip
CVE-2022-0529.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2022-0529.patch of Package unzip
From: Enrico Zini <enrico@debian.org> Subject: Fix wide string conversion Bug-Debian: https://bugs.debian.org/1010355 X-Debian-version: 6.0-27 --- a/process.c +++ b/process.c @@ -2507,13 +2507,15 @@ char buf[9]; char *buffer = NULL; char *local_string = NULL; + size_t buffer_size; for (wsize = 0; wide_string[wsize]; wsize++) ; if (max_bytes < MAX_ESCAPE_BYTES) max_bytes = MAX_ESCAPE_BYTES; - if ((buffer = (char *)malloc(wsize * max_bytes + 1)) == NULL) { + buffer_size = wsize * max_bytes + 1; + if ((buffer = (char *)malloc(buffer_size)) == NULL) { return NULL; } @@ -2552,7 +2554,11 @@ /* no MB for this wide */ /* use escape for wide character */ char *escape_string = wide_to_escape_string(wide_string[i]); - strcat(buffer, escape_string); + size_t buffer_len = strlen(buffer); + size_t escape_string_len = strlen(escape_string); + if (buffer_len + escape_string_len + 1 > buffer_size) + escape_string_len = buffer_size - buffer_len - 1; + strncat(buffer, escape_string, escape_string_len); free(escape_string); } }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor