Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP5:GA
netcdf
Fix-for-CVE-2021-26222-ezxml-bug-22.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File Fix-for-CVE-2021-26222-ezxml-bug-22.patch of Package netcdf
From: Egbert Eich <eich@suse.com> Date: Mon Oct 25 15:48:44 2021 +0200 Subject: Fix for CVE-2021-26222 / ezxml bug 22 Make sure malloc() succeeds. This fixes https://sourceforge.net/p/ezxml/bugs/22/ Signed-off-by: Egbert Eich <eich@suse.com> --- netcdf-c-4.8.0/libdap4/ezxml.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/netcdf-c-4.8.0/libdap4/ezxml.c b/netcdf-c-4.8.0/libdap4/ezxml.c index 6c535ff..1258b67 100644 --- a/libdap4/ezxml.c +++ b/libdap4/ezxml.c @@ -805,12 +805,14 @@ ezxml_t ezxml_new(const char *name) static const char *entities[] = { "lt;", "<", "gt;", ">", "quot;", """, "apos;", "'", "amp;", "&", NULL }; ezxml_root_t root; + char **p_ent; if (!(root = malloc(sizeof(struct ezxml_root)))) return NULL; // bug#21 root = (ezxml_root_t)memset(root, '\0', sizeof(struct ezxml_root)); root->xml.name = (char *)name; + if (!(p_ent = malloc(sizeof(entities)))) { free(root); return NULL; }; // bug#22 CVE-2021-26222 root->cur = &root->xml; strcpy(root->err, root->xml.txt = ""); - root->ent = memcpy(malloc(sizeof(entities)), entities, sizeof(entities)); + root->ent = memcpy(p_ent, entities, sizeof(entities)); root->attr = root->pi = (char ***)(root->xml.attr = (char**)EZXML_NIL); return &root->xml; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor