Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
home:bmwiedemann:reproducible:distribution:ring0rb
zziplib
CVE-2020-18770.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2020-18770.patch of Package zziplib
From 803f49aaae16b7f2899e4769afdfc673a21fa9e8 Mon Sep 17 00:00:00 2001 From: Guido Draheim <guidod@gmx.de> Date: Mon, 26 Feb 2024 23:17:12 +0100 Subject: [PATCH] #69 assert full zzip_file_header --- zzip/mmapped.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/zzip/mmapped.c b/zzip/mmapped.c index 2071882..306ba51 100644 --- a/zzip/mmapped.c +++ b/zzip/mmapped.c @@ -276,7 +276,8 @@ struct zzip_file_header * zzip_disk_entry_to_file_header(ZZIP_DISK * disk, struct zzip_disk_entry *entry) { zzip_byte_t *const ptr = disk->buffer + zzip_disk_entry_fileoffset(entry); - if (disk->buffer > ptr || ptr >= disk->endbuf) + zzip_byte_t *const end = ptr + sizeof(struct zzip_file_header); + if (disk->buffer > ptr || end >= disk->endbuf || end <= NULL) { debug2("file header: offset out of bounds (0x%llx)", (long long unsigned)(disk->buffer)); errno = EBADMSG; -- 2.35.3
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
