Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.3
gnuchess
CVE-2015-8972.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2015-8972.patch of Package gnuchess
From: aceballos Date: Tue Sep 20 21:35:52 2016 UTC Subject: Truncate user input if longer than 128 characters; otherwise, the program will crash. References: boo#1010143 CVE-2015-8972 Upstream: committed Index: trunk/src/frontend/move.cc =================================================================== --- trunk/src/frontend/move.cc (revision 133) +++ trunk/src/frontend/move.cc (revision 134) @@ -542,6 +542,11 @@ BitBoard b, b2; leaf *n1, *n2; + /* User input could be longer than MAXSTR */ + if ( strlen(s) >= MAXSTR ) { + s[MAXSTR-1] = '\0'; + } + TreePtr[2] = TreePtr[1]; GenMoves (1); FilterIllegalMoves (1);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor