Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP4:FactoryCandidates
sharutils
sharutils-CVE-2018-1000097-fix_buffer_overflow....
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File sharutils-CVE-2018-1000097-fix_buffer_overflow.patch of Package sharutils
--- src/unshar.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) Index: src/unshar.c =================================================================== --- src/unshar.c.orig 2015-01-07 03:14:10.000000000 +0100 +++ src/unshar.c 2018-03-13 10:21:47.491268510 +0100 @@ -107,7 +107,8 @@ looks_like_c_code (char const * buf) static bool looks_like_shell_code (char const * buf) { - while (isspace ((int) *buf)) buf++; + intptr_t buf_end = (intptr_t)buf + rw_base_size; + while (isspace ((int) *buf) && buf < buf_end) buf++; switch (*buf) { case '#': case ':': @@ -240,7 +241,7 @@ find_archive (char const * name, FILE * off_t position = ftello (file); /* Read next line, fail if no more and no previous process. */ - if (!fgets (rw_buffer, BUFSIZ, file)) + if (!fgets (rw_buffer, GET_PAGE_SIZE, file)) { if (!start) error (0, 0, _("Found no shell commands in %s"), name);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor