Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP4:FactoryCandidates
snack
snack-CVE-2012-6303.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File snack-CVE-2012-6303.patch of Package snack
Index: snack2.2.10/generic/jkSoundFile.c =================================================================== --- snack2.2.10.orig/generic/jkSoundFile.c +++ snack2.2.10/generic/jkSoundFile.c @@ -1793,7 +1793,14 @@ static int GetHeaderBytes(Sound *s, Tcl_Interp *interp, Tcl_Channel ch, char *buf, int len) { - int rlen = Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead); + int rlen; + + if (len > max(CHANNEL_HEADER_BUFFER, HEADBUF)){ + Tcl_AppendResult(interp, "Excessive header size", NULL); + return TCL_ERROR; + } + + rlen = Tcl_Read(ch, &buf[s->firstNRead], len - s->firstNRead); if (rlen < len - s->firstNRead){ Tcl_AppendResult(interp, "Failed reading header bytes", NULL);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
