Projects
openEuler:Mainline
gpm
_service:tar_scm:fix-signedness-issue.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:fix-signedness-issue.patch of Package gpm
From 4337fd9fc2d2ea83654f2ca69245503730231ac3 Mon Sep 17 00:00:00 2001 From: iljavs <ivansprundel@ioactive.com> Date: Mon, 27 Jun 2016 01:17:57 -0700 Subject: [PATCH 21/21] fix signedness issue This commit fixes a signedness issue, where a negative vc coming from a malicious client could possibly cause memory corruption. --- src/daemon/processconn.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/daemon/processconn.c b/src/daemon/processconn.c index a5839a3..e92fa63 100644 --- a/src/daemon/processconn.c +++ b/src/daemon/processconn.c @@ -67,7 +67,8 @@ int processConn(int fd) return -1; } - if((vc = request->vc) > MAX_VC) { + vc = request->vc; + if(vc > MAX_VC || vc < 0) { gpm_report(GPM_PR_DEBUG, GPM_MESS_REQUEST_ON, vc, MAX_VC); free(info); close(newfd); -- 2.19.1
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2