[Midnightbsd-cvs] src [7643] stable/0.7/usr.bin/bsdiff/bspatch/bspatch.c: security patch to prevent attackers from modifying a file
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Mon Jul 25 19:36:18 EDT 2016
Revision: 7643
http://svnweb.midnightbsd.org/src/?rev=7643
Author: laffer1
Date: 2016-07-25 19:36:17 -0400 (Mon, 25 Jul 2016)
Log Message:
-----------
security patch to prevent attackers from modifying a file
Modified Paths:
--------------
stable/0.7/usr.bin/bsdiff/bspatch/bspatch.c
Modified: stable/0.7/usr.bin/bsdiff/bspatch/bspatch.c
===================================================================
--- stable/0.7/usr.bin/bsdiff/bspatch/bspatch.c 2016-07-25 21:51:53 UTC (rev 7642)
+++ stable/0.7/usr.bin/bsdiff/bspatch/bspatch.c 2016-07-25 23:36:17 UTC (rev 7643)
@@ -155,6 +155,10 @@
};
/* Sanity-check */
+ if ((ctrl[0] < 0) || (ctrl[1] < 0))
+ errx(1,"Corrupt patch\n");
+
+ /* Sanity-check */
if(newpos+ctrl[0]>newsize)
errx(1,"Corrupt patch\n");
More information about the Midnightbsd-cvs
mailing list