wok-4.x diff glibc/stuff/patches/glibc-2.22-CVE-2017-15670.patch @ rev 12476
Up glibc (2.22) with CVE patchs
| author | Stanislas Leduc <shann@slitaz.org> |
|---|---|
| date | Wed Mar 15 11:41:38 2023 +0000 (14 months ago) |
| parents | |
| children |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/glibc/stuff/patches/glibc-2.22-CVE-2017-15670.patch Wed Mar 15 11:41:38 2023 +0000 1.3 @@ -0,0 +1,19 @@ 1.4 +Based on: 1.5 + 1.6 +From c369d66e5426a30e4725b100d5cd28e372754f90 Mon Sep 17 00:00:00 2001 1.7 +From: Paul Eggert <eggert@cs.ucla.edu> 1.8 +Date: Fri, 20 Oct 2017 18:41:14 +0200 1.9 +Subject: [PATCH] CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320] 1.10 + 1.11 +diff -Naur a/posix/glob.c b/posix/glob.c 1.12 +--- a/posix/glob.c 2017-11-02 15:37:04.841879958 +0530 1.13 ++++ b/posix/glob.c 2017-11-02 15:37:28.866595784 +0530 1.14 +@@ -868,7 +868,7 @@ 1.15 + *p = '\0'; 1.16 + } 1.17 + else 1.18 +- *((char *) mempcpy (newp, dirname + 1, end_name - dirname)) 1.19 ++ *((char *) mempcpy (newp, dirname + 1, end_name - dirname - 1)) 1.20 + = '\0'; 1.21 + user_name = newp; 1.22 + }