File fix-upstream-CVE-2022-31213.patch of Package dbus-broker
From 8b82a8cf51b6b85ae343e2e7842edd06b8cb0798 Mon Sep 17 00:00:00 2001
From: David Rheinsberg <david.rheinsberg@gmail.com>
Date: Thu, 12 May 2022 13:06:00 +0200
Subject: [PATCH] c-shquote: avoid calls to mem*() with NULL
The different mem*() functions from the standard library do not allow NULL with empty areas. Use the replacements from c-stdaux or guard against such calls properly.
Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
---
 subprojects/c-shquote/src/c-shquote.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
Index: dbus-broker-28/subprojects/c-shquote/src/c-shquote.c
===================================================================
--- dbus-broker-28.orig/subprojects/c-shquote/src/c-shquote.c
+++ dbus-broker-28/subprojects/c-shquote/src/c-shquote.c
@@ -28,7 +28,7 @@ int c_shquote_append_str(char **outp,
 if (n_in > *n_outp)
 return C_SHQUOTE_E_NO_SPACE;
- memcpy(*outp, in, n_in);
+ c_memcpy(*outp, in, n_in);
 *outp += n_in;
 *n_outp -= n_in;
@@ -103,9 +103,10 @@ size_t c_shquote_strncspn(const char *st
 bool buffer[UCHAR_MAX + 1] = {};
 if (strlen(reject) == 1) {
- const char *p;
+ const char *p = NULL;
- p = memchr(string, reject[0], n_string);
+ if (n_string > 0)
+ p = memchr(string, reject[0], n_string);
 if (!p)
 return n_string;
 else
@@ -600,7 +601,7 @@ _c_public_ int c_shquote_parse_argv(char
 char *out;
 int r;
- if (memchr(input, '\0', n_input))
+ if (n_input > 0 && memchr(input, '\0', n_input))
 return C_SHQUOTE_E_CONTAINS_NULL;
 buffer = malloc(n_input + 1);
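Review bot: The two `memchr()` call sites, in `c_shquote_strncspn()` and in `c_shquote_parse_argv()`, open-code the `n > 0` guard without a comment, while the `memcpy()` sites in the same patch go through the `c_memcpy()` helper. A reader who does not know that `memchr()` on a NULL pointer is undefined even for a zero length could later remove the guard as redundant. I would add a one-line comment above each guard, e.g. `/* memchr() must not be handed NULL, even when the length is 0 */`, or move the check into a small wrapper beside the new c-stdaux helpers so the rule lives in one place. Both functions start and end outside their hunks, so whether `string` or `input` can actually be NULL here is not visible from this patch.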
@@ -651,7 +652,7 @@ _c_public_ int c_shquote_parse_argv(char
 return -ENOMEM;
 out = (char *)(argv + argc + 1);
- memcpy(out, buffer, n_out);
+ c_memcpy(out, buffer, n_out);
 /*
 * We now have the argv-array pre-allocated and the tokenized strings
Index: dbus-broker-28/subprojects/c-stdaux/src/c-stdaux.h
===================================================================
--- dbus-broker-28.orig/subprojects/c-stdaux/src/c-stdaux.h
+++ dbus-broker-28/subprojects/c-stdaux/src/c-stdaux.h
@@ -470,6 +470,57 @@ static inline int c_errno(void) {
 return _c_likely_(errno > 0) ? errno : ENOTRECOVERABLE;
 }
+/**
+ * c_memset() - Fill memory region with constant byte
+ * @p: Pointer to memory region, if non-empty
+ * @c: Value to fill with
+ * @n: Size of the memory region in bytes
+ *
+ * This function works like ``memset(3)`` if ``n`` is non-zero. If ``n`` is
+ * zero, this function is a no-op. Therefore, unlike ``memset(3)`` it is safe
+ * to call this function with ``NULL`` as ``p`` if ``n`` is 0.
+ *
+ * Return: ``p`` is returned.
+ */
+static inline void *c_memset(void *p, int c, size_t n) {
+ if (n > 0)
+ memset(p, c, n);
+ return p;
+}
+
+/**
+ * c_memzero() - Clear memory area
+ * @p: Pointer to memory region, if non-empty
+ * @n: Size of the memory region in bytes
+ *
+ * Clear a memory area to 0. If the memory area is empty, this is a no-op.
+ * Similar to ``c_memset()``, this function allows ``p`` to be ``NULL`` if the
+ * area is empty.
+ *
+ * Return: ``p`` is returned.
+ */
+static inline void *c_memzero(void *p, size_t n) {
+ return c_memset(p, 0, n);
+}
+
+/**
+ * c_memcpy() - Copy memory area
+ * @dst: Pointer to target area
+ * @src: Pointer to source area
+ * @n: Length of area to copy
+ *
+ * Copy the memory of size ``n`` from ``src`` to ``dst``, just as ``memcpy(3)``
+ * does, except this function allows either to be ``NULL`` if ``n`` is zero. In
+ * the latter case, the operation is a no-op.
+ *
+ * Return: ``p`` is returned.
+ */
+static inline void *c_memcpy(void *dst, const void *src, size_t n) {
+ if (n > 0)
+ memcpy(dst, src, n);
+ return dst;
+}
+
 /*
 * Common Destructors
 *
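Review bot: The doc comment for `c_memcpy()` ends with "Return: ``p`` is returned.", but that function has no parameter `p` and returns `dst`, so the line looks copied from `c_memset()` and should read `* Return: ``dst`` is returned.` Separately, `c_memzero()` is an inline wrapper around plain `memset()`, which a compiler is allowed to drop when the buffer is not read again. Its comment should say that it is not a secure-erase primitive, e.g. `* Not suitable for wiping secrets; the store may be optimized away.`, so nobody reaches for it to scrub key material.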