Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP1
netcdf.21641
Fix-for-CVE-2019-20200-ezxml-bug-19.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File Fix-for-CVE-2019-20200-ezxml-bug-19.patch of Package netcdf.21641
From: Egbert Eich <eich@suse.com> Date: Mon Oct 25 15:38:22 2021 +0200 Subject: Fix for CVE-2019-20200 / ezxml bug 19 Patch-mainline: Not yet Git-commit: e350cbc3d4509526ebb78efbcc07ba21c32266d4 References: Make sure to not read past end of string after deleting '\r'. This fixes https://sourceforge.net/p/ezxml/bugs/19/ Signed-off-by: Egbert Eich <eich@suse.com> --- libdap4/ezxml.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libdap4/ezxml.c b/libdap4/ezxml.c index 931ba24..17b2eb8 100644 --- a/libdap4/ezxml.c +++ b/libdap4/ezxml.c @@ -163,6 +163,7 @@ char *ezxml_decode(char *s, char **ent, char t) *(s++) = '\n'; if (*s == '\n') memmove(s, (s + 1), strlen(s)); } + if (!*s) break; // bug#19 / CVE-2019-20200 } for (s = r; ; ) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor