wok-next view arj/stuff/patches/CVE-2015-2782-buffer-overflow.patch @ rev 19715

Fix building: pciutils, pcmanfm-legacy, arj
author Aleksej Bobylev <al.bobylev@gmail.com>
date Sat May 13 17:25:31 2017 +0300 (2017-05-13)
line source
1 Description: Fix buffer overflow causing an invalid pointer free().
2 Author: Guillem Jover <guillem@debian.org>
3 Origin: vendor
4 Bug-Debian: https://bugs.debian.org/774015
5 Forwarded: no
6 Last-Update: 2015-02-26
8 ---
9 decode.c | 6 +++---
10 1 file changed, 3 insertions(+), 3 deletions(-)
12 --- a/decode.c
13 +++ b/decode.c
14 @@ -255,7 +255,7 @@ void read_pt_len(int nn, int nbit, int i
15 if(i==i_special)
16 {
17 c=getbits(2);
18 - while(--c>=0)
19 + while(--c>=0&&i<nn)
20 pt_len[i++]=0;
21 }
22 }
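Review bot: In the i_special branch, `while(--c>=0&&i<nn)` stops writing at nn but then carries on as if the stream were valid. A zero-run that would run past nn means the input is malformed, so an explicit error exit would be safer here than silent truncation. The bound is also the caller's nn argument rather than the capacity of pt_len, so the fix relies on every call site passing an nn that fits the array; a check of nn against the array size at the top of read_pt_len would make that assumption explicit. Any other stores to pt_len in this function fall outside the hunk and are worth checking for the same bound.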
23 @@ -314,10 +314,10 @@ void read_c_len()
24 c=getbits(CBIT);
25 c+=20;
26 }
27 - while(--c>=0)
28 + while(--c>=0&&i<NC)
29 c_len[i++]=0;
30 }
31 - else
32 + else if (i<NC)
33 c_len[i++]=(unsigned char)(c-2);
34 }
35 while(i<NC)
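Review bot: In read_c_len, the new `else if (i<NC)` skips the store without advancing i, and the zero-run loop `while(--c>=0&&i<NC)` can likewise stop early, so termination now depends on the enclosing loop's condition, which this hunk does not show. If that loop runs to a count taken from the input rather than to NC, an i that has reached NC never moves again; either clamp the count to NC before the loop or return an error once i reaches NC. Minor style point: `else if (i<NC)` has a space after `if`, where the surrounding code writes `while(i<NC)` without one.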