3d0d00ffaf
http://hjemli.net/pipermail/cgit/2012-July/000652.html http://git.zx2c4.com/cgit/commit/?id=7757d1b046ecb67b830151d20715c658867df1ec https://bugzilla.redhat.com/show_bug.cgi?id=820733 from oss-sec via sthen@
17 lines
597 B
Plaintext
17 lines
597 B
Plaintext
$OpenBSD: patch-parsing_c,v 1.1 2012/10/01 16:13:23 landry Exp $
|
|
Fix for heap overflow/stack-smashing, see
|
|
http://hjemli.net/pipermail/cgit/2012-July/000652.html
|
|
http://git.zx2c4.com/cgit/commit/?id=7757d1b046ecb67b830151d20715c658867df1ec
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=820733
|
|
--- parsing.c.orig Mon Oct 1 18:05:38 2012
|
|
+++ parsing.c Mon Oct 1 18:06:11 2012
|
|
@@ -56,6 +56,8 @@ char *substr(const char *head, const char *tail)
|
|
{
|
|
char *buf;
|
|
|
|
+ if (tail < head)
|
|
+ return xstrdup("");
|
|
buf = xmalloc(tail - head + 1);
|
|
strncpy(buf, head, tail - head);
|
|
buf[tail - head] = '\0';
|