Blame 0001-Fix-buffer-overrun-from-commit-4420c78beb86cc6739227.patch
|
Panu Matilainen |
56a300 |
From 19d73f67883c011cc74326a5dc34f7009efa60e1 Mon Sep 17 00:00:00 2001
|
|
Panu Matilainen |
56a300 |
Message-Id: <19d73f67883c011cc74326a5dc34f7009efa60e1.1662536462.git.pmatilai@redhat.com>
|
|
Panu Matilainen |
56a300 |
From: Panu Matilainen <pmatilai@redhat.com>
|
|
Panu Matilainen |
56a300 |
Date: Tue, 6 Sep 2022 13:15:44 +0300
|
|
Panu Matilainen |
56a300 |
Subject: [PATCH] Fix buffer overrun from commit
|
|
Panu Matilainen |
56a300 |
4420c78beb86cc67392274bf351478a3375626a2
|
|
Panu Matilainen |
56a300 |
|
|
Panu Matilainen |
56a300 |
The newly handled ^ needs to be accounted for when allocating memory.
|
|
Panu Matilainen |
56a300 |
Found when testing #1936, goes to show what a useful thing that is.
|
|
Panu Matilainen |
56a300 |
---
|
|
Panu Matilainen |
56a300 |
lib/rpmdb.c | 1 +
|
|
Panu Matilainen |
56a300 |
1 file changed, 1 insertion(+)
|
|
Panu Matilainen |
56a300 |
|
|
Panu Matilainen |
56a300 |
diff --git a/lib/rpmdb.c b/lib/rpmdb.c
|
|
Panu Matilainen |
56a300 |
index fd2b0671a..b3c5da62d 100644
|
|
Panu Matilainen |
56a300 |
--- a/lib/rpmdb.c
|
|
Panu Matilainen |
56a300 |
+++ b/lib/rpmdb.c
|
|
Panu Matilainen |
56a300 |
@@ -1107,6 +1107,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep,
|
|
Panu Matilainen |
56a300 |
case '.':
|
|
Panu Matilainen |
56a300 |
case '+':
|
|
Panu Matilainen |
56a300 |
case '*':
|
|
Panu Matilainen |
56a300 |
+ case '^':
|
|
Panu Matilainen |
56a300 |
if (!brackets) nb++;
|
|
Panu Matilainen |
56a300 |
break;
|
|
Panu Matilainen |
56a300 |
case '\\':
|
|
Panu Matilainen |
56a300 |
--
|
|
Panu Matilainen |
56a300 |
2.37.3
|
|
Panu Matilainen |
56a300 |
|