Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:Update
python3-libmount.26138
util-linux-libuuid-uuid_parse-overrun.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File util-linux-libuuid-uuid_parse-overrun.patch of Package python3-libmount.26138
From 8596101d21a9bdc85388486ec9c431c114a443e3 Mon Sep 17 00:00:00 2001 From: Zane van Iperen <zane@zanevaniperen.com> Date: Wed, 16 Feb 2022 00:57:17 +1000 Subject: [PATCH 1/4] libuuid: fix buffer overrun in uuid_parse_range() It attempts to access in_start[36], despite 35 being the maximum allowed index. Reported-by: Pierre-Anthony Lemieux <pal@palemieux.com> Signed-off-by: Zane van Iperen <zane@zanevaniperen.com> --- libuuid/src/parse.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) Index: util-linux-2.33.2/libuuid/src/parse.c =================================================================== --- util-linux-2.33.2.orig/libuuid/src/parse.c +++ util-linux-2.33.2/libuuid/src/parse.c @@ -48,7 +48,7 @@ int uuid_parse(const char *in, uuid_t uu if (strlen(in) != 36) return -1; - for (i=0, cp = in; i <= 36; i++,cp++) { + for (i=0, cp = in; i < 36; i++,cp++) { if ((i == 8) || (i == 13) || (i == 18) || (i == 23)) { if (*cp == '-') @@ -56,9 +56,7 @@ int uuid_parse(const char *in, uuid_t uu else return -1; } - if (i== 36) - if (*cp == 0) - continue; + if (!isxdigit(*cp)) return -1; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor