Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:GA
uriparser
CVE-2018-19198.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2018-19198.patch of Package uriparser
Index: uriparser-uriparser-0.8.5/src/UriQuery.c =================================================================== --- uriparser-uriparser-0.8.5.orig/src/UriQuery.c +++ uriparser-uriparser-0.8.5/src/UriQuery.c @@ -223,6 +223,7 @@ int URI_FUNC(ComposeQueryEngine)(URI_CHA /* Copy key */ if (firstItem == URI_TRUE) { + ampersandLen = 1; firstItem = URI_FALSE; } else { write[0] = _UT('&'); Index: uriparser-uriparser-0.8.5/test/test.cpp =================================================================== --- uriparser-uriparser-0.8.5.orig/test/test.cpp +++ uriparser-uriparser-0.8.5/test/test.cpp @@ -103,6 +103,7 @@ public: TEST_ADD(UriSuite::testQueryList) TEST_ADD(UriSuite::testQueryListPair) TEST_ADD(UriSuite::testQueryDissection_Bug3590761) + TEST_ADD(UriSuite::testQueryCompositionMathWrite_GoogleAutofuzz113244572) TEST_ADD(UriSuite::testFreeCrash_Bug20080827) TEST_ADD(UriSuite::testParseInvalid_Bug16) TEST_ADD(UriSuite::testRangeComparison) @@ -1739,6 +1740,33 @@ Rule | Ex uriFreeQueryListA(queryList); } + void testQueryCompositionMathWrite_GoogleAutofuzz113244572() { + UriQueryListA second = { .key = "\x11", .value = NULL, .next = NULL }; + UriQueryListA first = { .key = "\x01", .value = "\x02", .next = &second }; + const UriBool spaceToPlus = URI_TRUE; + const UriBool normalizeBreaks = URI_FALSE; /* for factor 3 but 6 */ + const int charsRequired = (3 + 1 + 3) + 1 + (3); + { + // Minimum space to hold everything fine + const char * const expected = "%01=%02" "&" "%11"; + char dest[charsRequired + 1]; + int charsWritten; + TEST_ASSERT(uriComposeQueryExA(dest, &first, sizeof(dest), + &charsWritten, spaceToPlus, normalizeBreaks) + == URI_SUCCESS); + TEST_ASSERT(! strcmp(dest, expected)); + TEST_ASSERT(charsWritten == strlen(expected) + 1); + } + { + // Previous math failed to take ampersand into account + char dest[charsRequired + 1 - 1]; + int charsWritten; + TEST_ASSERT(uriComposeQueryExA(dest, &first, sizeof(dest), + &charsWritten, spaceToPlus, normalizeBreaks) + == URI_ERROR_OUTPUT_TOO_LARGE); + } + } + void testFreeCrash_Bug20080827() { char const * const sourceUri = "abc"; char const * const baseUri = "http://www.example.org/";
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor