Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
util-linux-systemd.35385
util-linux-libuuid-uuid_parse-overrun.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File util-linux-libuuid-uuid_parse-overrun.patch of Package util-linux-systemd.35385
From 8596101d21a9bdc85388486ec9c431c114a443e3 Mon Sep 17 00:00:00 2001 From: Zane van Iperen <zane@zanevaniperen.com> Date: Wed, 16 Feb 2022 00:57:17 +1000 Subject: [PATCH 1/4] libuuid: fix buffer overrun in uuid_parse_range() It attempts to access in_start[36], despite 35 being the maximum allowed index. Reported-by: Pierre-Anthony Lemieux <pal@palemieux.com> Signed-off-by: Zane van Iperen <zane@zanevaniperen.com> --- libuuid/src/parse.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/libuuid/src/parse.c b/libuuid/src/parse.c index d0c69b0e6..c3e228112 100644 --- a/libuuid/src/parse.c +++ b/libuuid/src/parse.c @@ -58,16 +58,14 @@ int uuid_parse_range(const char *in_start, const char *in_end, uuid_t uu) if ((in_end - in_start) != 36) return -1; - for (i=0, cp = in_start; i <= 36; i++,cp++) { + for (i=0, cp = in_start; i < 36; i++,cp++) { if ((i == 8) || (i == 13) || (i == 18) || (i == 23)) { if (*cp == '-') continue; return -1; } - if (i== 36) - if (*cp == 0) - continue; + if (!isxdigit(*cp)) return -1; } -- 2.37.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor