calculate
/
gentoo-overlay
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master64'
${ noResults }
gentoo-overlay/sys-fs/fuseiso/files/fuseiso-20070708-CVE-2015-8...

39 lines
1.4 KiB
Raw Permalink Blame History

https://sources.debian.org/patches/fuseiso/20070708-3.2/02-prevent-buffer-overflow.patch/
https://bugs.gentoo.org/713328
----
Description: Prevent stack-based buffer overflow on too-long path names
Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
--- a/src/isofs.c
+++ b/src/isofs.c
@@ -1532,13 +1532,23 @@
if(path[1] != '\0') { // not root dir
strcat(absolute_entry, "/");
};
- strcat(absolute_entry, entry);
- if(g_hash_table_lookup(lookup_table, absolute_entry)) {
- // already in lookup cache
+
+ if(strlen(absolute_entry) + strlen(entry) <= PATH_MAX-1) {
+ strcat(absolute_entry, entry);
+ if(g_hash_table_lookup(lookup_table, absolute_entry)) {
+ // already in lookup cache
+ isofs_free_inode(inode);
+ } else {
+ g_hash_table_insert(lookup_table, g_strdup(absolute_entry), inode);
+ };
+ }
+ else {
+ printf("readdir: absolute path name for entry '%s' exceeding PATH_MAX (%d)\n", entry, PATH_MAX);
isofs_free_inode(inode);
- } else {
- g_hash_table_insert(lookup_table, g_strdup(absolute_entry), inode);
- };
+ free(buf);
+ free(entry);
+ return -EIO;
+ }
free(entry);
Reference in new issue View Git Blame Copy Permalink