Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP4:FactoryCandidates
dcmtk
0001-Fixed-two-segmentation-faults.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-Fixed-two-segmentation-faults.patch of Package dcmtk
From c78e434c0c5f9d932874f0b17a8b4ce305ca01f5 Mon Sep 17 00:00:00 2001 From: Marco Eichelberg <dicom@offis.de> Date: Wed, 13 Mar 2024 17:15:58 +0100 Subject: [PATCH] Fixed two segmentation faults. Fixed two segmentations faults that could occur while processing an invalid incoming DIMSE message due to insufficient error handling causing a de-referenced NULL pointer. Thanks to Nils Bars <nils.bars@rub.de> for the bug report and sample files. This closes DCMTK issue #1114. --- dcmdata/libsrc/dcelem.cc | 9 ++++++++- dcmnet/libsrc/dimcmd.cc | 33 ++++++++++++++++++--------------- 2 files changed, 26 insertions(+), 16 deletions(-) diff --git a/dcmdata/libsrc/dcelem.cc b/dcmdata/libsrc/dcelem.cc index 1524904be..3b9cc2bf7 100644 --- a/dcmdata/libsrc/dcelem.cc +++ b/dcmdata/libsrc/dcelem.cc @@ -1,6 +1,6 @@ /* * - * Copyright (C) 1994-2023, OFFIS e.V. + * Copyright (C) 1994-2024, OFFIS e.V. * All rights reserved. See COPYRIGHT file for details. * * This software and supporting documentation were developed by @@ -717,6 +717,13 @@ OFCondition DcmElement::loadValue(DcmInputStream *inStream) if (isStreamNew) delete readStream; } + else + { + errorFlag = EC_InvalidStream; // incomplete dataset read from stream + DCMDATA_ERROR("DcmElement: " << getTagName() << " " << getTag() + << " larger (" << getLengthField() << ") than remaining bytes (" + << getTransferredBytes() << ") in file, premature end of stream"); + } } /* return result value */ return errorFlag; diff --git a/dcmnet/libsrc/dimcmd.cc b/dcmnet/libsrc/dimcmd.cc index 6dca39546..ffd225f4b 100644 --- a/dcmnet/libsrc/dimcmd.cc +++ b/dcmnet/libsrc/dimcmd.cc @@ -1,6 +1,6 @@ /* * - * Copyright (C) 1994-2022, OFFIS e.V. + * Copyright (C) 1994-2024, OFFIS e.V. * All rights reserved. See COPYRIGHT file for details. * * This software and supporting documentation were partly developed by @@ -205,22 +205,25 @@ getString(DcmDataset *obj, DcmTagKey t, char *s, int maxlen, OFBool *spacePadded return parseErrorWithMsg("dimcmd:getString: string too small", t); } else { ec = elem->getString(aString); - strncpy(s, aString, maxlen); - if (spacePadded) + if (ec.good()) { - /* before we remove leading and tailing spaces we want to know - * whether the string is actually space padded. Required to communicate - * with dumb peers which send space padded UIDs and fail if they - * receive correct UIDs back. - * - * This test can only detect space padded strings if - * dcmEnableAutomaticInputDataCorrection is false; otherwise the padding - * has already been removed by dcmdata at this stage. - */ - size_t s_len = strlen(s); - if ((s_len > 0)&&(s[s_len-1] == ' ')) *spacePadded = OFTrue; else *spacePadded = OFFalse; + strncpy(s, aString, maxlen); + if (spacePadded) + { + /* before we remove leading and tailing spaces we want to know + * whether the string is actually space padded. Required to communicate + * with dumb peers which send space padded UIDs and fail if they + * receive correct UIDs back. + * + * This test can only detect space padded strings if + * dcmEnableAutomaticInputDataCorrection is false; otherwise the padding + * has already been removed by dcmdata at this stage. + */ + size_t s_len = strlen(s); + if ((s_len > 0)&&(s[s_len-1] == ' ')) *spacePadded = OFTrue; else *spacePadded = OFFalse; + } + DU_stripLeadingAndTrailingSpaces(s); } - DU_stripLeadingAndTrailingSpaces(s); } } return (ec.good())? ec : DIMSE_PARSEFAILED; -- 2.44.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
