wok-4.x view glibc/stuff/patches/glibc-2.22-CVE-2017-15804.patch @ rev 12476
Up glibc (2.22) with CVE patchs
| author | Stanislas Leduc <shann@slitaz.org> |
|---|---|
| date | Wed Mar 15 11:41:38 2023 +0000 (19 months ago) |
| parents | |
| children |
line source
1 Based on:
3 From a159b53fa059947cc2548e3b0d5bdcf7b9630ba8 Mon Sep 17 00:00:00 2001
4 From: Paul Eggert <eggert@cs.ucla.edu>
5 Date: Sun, 22 Oct 2017 10:00:57 +0200
6 Subject: [PATCH] glob: Fix buffer overflow during GLOB_TILDE unescaping
8 diff -Naur a/posix/glob.c b/posix/glob.c
9 --- a/posix/glob.c 2017-12-07 18:57:12.370562751 +0530
10 +++ b/posix/glob.c 2017-12-07 18:57:51.246561905 +0530
11 @@ -848,11 +848,11 @@
12 char *p = mempcpy (newp, dirname + 1,
13 unescape - dirname - 1);
14 char *q = unescape;
15 - while (*q != '\0')
16 + while (q != end_name)
17 {
18 if (*q == '\\')
19 {
20 - if (q[1] == '\0')
21 + if (q + 1 == end_name)
22 {
23 /* "~fo\\o\\" unescape to user_name "foo\\",
24 but "~fo\\o\\/" unescape to user_name