Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:FrontRunner
libXpm.30890
U_0003-Fix-CVE-2023-43789-Out-of-bounds-read-on...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File U_0003-Fix-CVE-2023-43789-Out-of-bounds-read-on-XPM-with-co.patch of Package libXpm.30890
From 7e21cb63b9a1ca760a06cc4cd9b19bbc3fcd8f51 Mon Sep 17 00:00:00 2001 From: Alan Coopersmith <alan.coopersmith@oracle.com> Date: Sat, 29 Apr 2023 18:30:34 -0700 Subject: [PATCH libXpm 3/7] Fix CVE-2023-43789: Out of bounds read on XPM with corrupted colormap Found with clang's libfuzzer Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> --- src/data.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/data.c b/src/data.c index 0b0f1f3..6e87455 100644 --- a/src/data.c +++ b/src/data.c @@ -259,13 +259,13 @@ xpmNextWord( int c; if (!data->type || data->type == XPMBUFFER) { - while (isspace(c = *data->cptr) && c != data->Eos) + while ((c = *data->cptr) && isspace(c) && (c != data->Eos)) data->cptr++; do { c = *data->cptr++; *buf++ = c; n++; - } while (!isspace(c) && c != data->Eos && n < buflen); + } while (c && !isspace(c) && (c != data->Eos) && (n < buflen)); n--; data->cptr--; } else { -- 2.39.3
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor