File CVE-2024-34402.patch of Package uriparser
From 760ade2947415dbb100053cf793c2f96fe257386 Mon Sep 17 00:00:00 2001 From: Sebastian Pipping <sebastian@pipping.org> Date: Sun, 28 Apr 2024 21:26:45 +0200 Subject: [PATCH] Protect against integer overflow in ComposeQueryEngine Requires string input that is longer than INT_MAX to exploit. --- src/UriQuery.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) --- a/src/UriQuery.c +++ b/src/UriQuery.c @@ -67,6 +67,7 @@ #endif #include <limits.h> +#include <stddef.h> /* size_t */ @@ -202,16 +203,16 @@ int URI_FUNC(ComposeQueryEngine)(URI_CHA const URI_CHAR * const key = queryList->key; const URI_CHAR * const value = queryList->value; const int worstCase = (normalizeBreaks == URI_TRUE ? 6 : 3); - const int keyLen = (key == NULL) ? 0 : (int)URI_STRLEN(key); + const size_t keyLen = (key == NULL) ? 0 : URI_STRLEN(key); int keyRequiredChars; - const int valueLen = (value == NULL) ? 0 : (int)URI_STRLEN(value); + const size_t valueLen = (value == NULL) ? 0 : URI_STRLEN(value); int valueRequiredChars; - if ((keyLen >= INT_MAX / worstCase) || (valueLen >= INT_MAX / worstCase)) { + if ((keyLen >= (size_t)INT_MAX / worstCase) || (valueLen >= (size_t)INT_MAX / worstCase)) { return URI_ERROR_OUTPUT_TOO_LARGE; } - keyRequiredChars = worstCase * keyLen; - valueRequiredChars = worstCase * valueLen; + keyRequiredChars = worstCase * (int)keyLen; + valueRequiredChars = worstCase * (int)valueLen; if (dest == NULL) { if (firstItem == URI_TRUE) {
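Review bot: in the ComposeQueryEngine hunk, the narrowing casts in "keyRequiredChars = worstCase * (int)keyLen;" and "valueRequiredChars = worstCase * (int)valueLen;" are safe only because the guard directly above has already rejected any length at or above (size_t)INT_MAX / worstCase, and nothing at the cast site says so. A short comment on those two lines stating that both lengths are bounded by the preceding check would keep a later refactor from reordering or loosening the guard and reintroducing the truncation that the removed (int)URI_STRLEN(...) casts had. The guard also bounds keyRequiredChars and valueRequiredChars individually; the visible lines do not show how they are added to the running total after "if (dest == NULL) {", so that accumulation should be confirmed to have its own overflow check.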