richardphibel / rpms / rpm

Forked from rpms/rpm 2 years ago
Clone
Florian Festi f27d92
From 19d73f67883c011cc74326a5dc34f7009efa60e1 Mon Sep 17 00:00:00 2001
Florian Festi f27d92
From: Panu Matilainen <pmatilai@redhat.com>
Florian Festi f27d92
Date: Tue, 6 Sep 2022 13:15:44 +0300
Florian Festi f27d92
Subject: [PATCH] Fix buffer overrun from commit
Florian Festi f27d92
 4420c78beb86cc67392274bf351478a3375626a2
Florian Festi f27d92
Florian Festi f27d92
The newly handled ^ needs to be accounted for when allocating memory.
Florian Festi f27d92
Found when testing #1936, goes to show what a useful thing that is.
Florian Festi f27d92
---
Florian Festi f27d92
 lib/rpmdb.c | 1 +
Florian Festi f27d92
 1 file changed, 1 insertion(+)
Florian Festi f27d92
Florian Festi f27d92
diff --git a/lib/rpmdb.c b/lib/rpmdb.c
Florian Festi f27d92
index fd2b0671ae..b3c5da62d5 100644
Florian Festi f27d92
--- a/lib/rpmdb.c
Florian Festi f27d92
+++ b/lib/rpmdb.c
Florian Festi f27d92
@@ -1107,6 +1107,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep,
Florian Festi f27d92
 	    case '.':
Florian Festi f27d92
 	    case '+':
Florian Festi f27d92
 	    case '*':
Florian Festi f27d92
+	    case '^':
Florian Festi f27d92
 		if (!brackets) nb++;
Florian Festi f27d92
 		break;
Florian Festi f27d92
 	    case '\\':