rpms / guestfs-tools

Clone
Source Code
GIT

Blame SOURCES/0006-update-common-submodule-for-CVE-2022-2211-fix.patch

c9 c9-beta
  1.   c9-beta
  2.   SOURCES
  3.   0006-update-common-submodule-for-CVE-2022-2211-fix.patch
Blob History Raw
7b180b 
From 493060f2ee3d5c1c8d6192bbfd307e0b720f6c11 Mon Sep 17 00:00:00 2001
7b180b 
From: Laszlo Ersek <lersek@redhat.com>
7b180b 
Date: Wed, 29 Jun 2022 15:38:46 +0200
7b180b 
Subject: [PATCH] update common submodule for CVE-2022-2211 fix
7b180b
7b180b 
$ git shortlog 9e990f3e4530..35467027f657
7b180b
7b180b 
Laszlo Ersek (1):
7b180b 
      options: fix buffer overflow in get_keys() [CVE-2022-2211]
7b180b
7b180b 
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
7b180b 
(cherry picked from commit b2e7de29b413d531c9540eb46878170e357f4b62)
7b180b 
---
7b180b 
 common | 2 +-
7b180b 
 1 file changed, 1 insertion(+), 1 deletion(-)
7b180b
7b180b 
Submodule common 9e990f3e4..35467027f:
7b180b 
diff --git a/common/options/keys.c b/common/options/keys.c
7b180b 
index 798315c..d27a712 100644
7b180b 
--- a/common/options/keys.c
7b180b 
+++ b/common/options/keys.c
7b180b 
@@ -128,17 +128,23 @@ read_first_line_from_file (const char *filename)
7b180b 
 char **
7b180b 
 get_keys (struct key_store *ks, const char *device, const char *uuid)
7b180b 
 {
7b180b 
-  size_t i, j, len;
7b180b 
+  size_t i, j, nmemb;
7b180b 
   char **r;
7b180b 
   char *s;
7b180b
7b180b 
   /* We know the returned list must have at least one element and not
7b180b 
    * more than ks->nr_keys.
7b180b 
    */
7b180b 
-  len = 1;
7b180b 
-  if (ks)
7b180b 
-    len = MIN (1, ks->nr_keys);
7b180b 
-  r = calloc (len+1, sizeof (char *));
7b180b 
+  nmemb = 1;
7b180b 
+  if (ks && ks->nr_keys > nmemb)
7b180b 
+    nmemb = ks->nr_keys;
7b180b 
+
7b180b 
+  /* make room for the terminating NULL */
7b180b 
+  if (nmemb == (size_t)-1)
7b180b 
+    error (EXIT_FAILURE, 0, _("size_t overflow"));
7b180b 
+  nmemb++;
7b180b 
+
7b180b 
+  r = calloc (nmemb, sizeof (char *));
7b180b 
   if (r == NULL)
7b180b 
     error (EXIT_FAILURE, errno, "calloc");
7b180b
7b180b 
--
7b180b 
2.31.1
7b180b

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation