[Midnightbsd-cvs] src [7644] stable/0.8/usr.bin/bsdiff/bspatch/bspatch.c: fix security issue
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Mon Jul 25 19:52:06 EDT 2016
Revision: 7644
http://svnweb.midnightbsd.org/src/?rev=7644
Author: laffer1
Date: 2016-07-25 19:52:05 -0400 (Mon, 25 Jul 2016)
Log Message:
-----------
fix security issue
Modified Paths:
--------------
stable/0.8/usr.bin/bsdiff/bspatch/bspatch.c
Modified: stable/0.8/usr.bin/bsdiff/bspatch/bspatch.c
===================================================================
--- stable/0.8/usr.bin/bsdiff/bspatch/bspatch.c 2016-07-25 23:36:17 UTC (rev 7643)
+++ stable/0.8/usr.bin/bsdiff/bspatch/bspatch.c 2016-07-25 23:52:05 UTC (rev 7644)
@@ -155,6 +155,14 @@
};
/* Sanity-check */
+ if ((ctrl[0] < 0) || (ctrl[1] < 0))
+ errx(1,"Corrupt patch\n");
+
+ /* Sanity-check */
+ if ((ctrl[0] < 0) || (ctrl[1] < 0))
+ errx(1,"Corrupt patch\n");
+
+ /* Sanity-check */
if(newpos+ctrl[0]>newsize)
errx(1,"Corrupt patch\n");
More information about the Midnightbsd-cvs
mailing list