Projects
Eulaceura:Factory
libconfuse
_service:obs_scm:CVE-2022-40320.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:obs_scm:CVE-2022-40320.patch of Package libconfuse
--- src/confuse.c +++ src/confuse.c @@ -1865,16 +1865,19 @@ } else { /* ~user or ~user/path */ char *user; + size_t len; file = strchr(filename, '/'); if (file == 0) file = filename + strlen(filename); - user = malloc(file - filename); - if (!user) + len = file - filename - 1; + user = malloc(len + 1); + if (!user) return NULL; - strncpy(user, filename + 1, file - filename - 1); + strncpy(user, &filename[1], len); + user[len] = 0; passwd = getpwnam(user); free(user); }
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2