Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP4
liblouis.28560
liblouis-CVE-2022-31783.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File liblouis-CVE-2022-31783.patch of Package liblouis.28560
From 2e4772befb2b1c37cb4b9d6572945115ee28630a Mon Sep 17 00:00:00 2001 From: Christian Egli <christian.egli@sbs.ch> Date: Wed, 25 May 2022 18:08:36 +0200 Subject: [PATCH] Prevent an invalid memory writes in compileRule Thanks to Han Zheng for reporting it Fixes #1214 --- liblouis/compileTranslationTable.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/liblouis/compileTranslationTable.c b/liblouis/compileTranslationTable.c index 482ff1a6..43785245 100644 --- a/liblouis/compileTranslationTable.c +++ b/liblouis/compileTranslationTable.c @@ -3821,12 +3821,14 @@ doOpcode: case CTO_SeqAfterExpression: if (!getRuleCharsText(file, &ruleChars)) return 0; - for ((*table)->seqAfterExpressionLength = 0; - (*table)->seqAfterExpressionLength < ruleChars.length; - (*table)->seqAfterExpressionLength++) - (*table)->seqAfterExpression[(*table)->seqAfterExpressionLength] = - ruleChars.chars[(*table)->seqAfterExpressionLength]; - (*table)->seqAfterExpression[(*table)->seqAfterExpressionLength] = 0; + if ((ruleChars.length + 1) > SEQPATTERNSIZE) { + compileError(file, "More than %d characters", SEQPATTERNSIZE); + return 0; + } + for (int k = 0; k < ruleChars.length; k++) + (*table)->seqAfterExpression[k] = ruleChars.chars[k]; + (*table)->seqAfterExpression[ruleChars.length] = 0; + (*table)->seqAfterExpressionLength = ruleChars.length; return 1; case CTO_CapsModeChars: -- 2.36.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor