Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
liblouis.28483
CVE-2018-11684.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2018-11684.patch of Package liblouis.28483
From fb2bfce4ed49ac4656a8f7e5b5526e4838da1dde Mon Sep 17 00:00:00 2001 From: Christian Egli <christian.egli@sbs.ch> Date: Mon, 4 Jun 2018 14:11:50 +0200 Subject: [PATCH] Fix yet another buffer overflow in the braille table parser Reported by Henri Salo Fixes #592 Rebased by Mike Gorse <mgorse@suse.com> --- diff -urp liblouis-3.3.0.orig/liblouis/compileTranslationTable.c liblouis-3.3.0/liblouis/compileTranslationTable.c --- liblouis-3.3.0.orig/liblouis/compileTranslationTable.c 2018-08-08 10:36:16.356791029 -0500 +++ liblouis-3.3.0/liblouis/compileTranslationTable.c 2018-08-08 11:02:12.561892590 -0500 @@ -5295,6 +5295,10 @@ includeFile (FileInfo * nested, CharsStr int rv; for (k = 0; k < includedFile->length; k++) includeThis[k] = (char) includedFile->chars[k]; + if (k >= MAXSTRING) { + compileError(nested, "Include statement too long: 'include %s'", includeThis); + return 0; + } includeThis[k] = 0; tableFiles = _lou_resolveTable (includeThis, nested->fileName); if (tableFiles == NULL) @@ -5304,9 +5308,10 @@ includeFile (FileInfo * nested, CharsStr } if (tableFiles[1] != NULL) { - errorCount++; free_tablefiles(tableFiles); - _lou_logMessage (LOG_ERROR, "Table list not supported in include statement: 'include %s'", includeThis); + compileError(nested, + "Table list not supported in include statement: 'include %s'", + includeThis); return 0; } rv = compileFile (*tableFiles, characterClasses, characterClassAttribute, opcodeLengths, newRuleOffset, newRule, ruleNames);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor