diff options
Diffstat (limited to 'meta/recipes-devtools/file/file/CVE-2018-10360.patch')
| -rw-r--r-- | meta/recipes-devtools/file/file/CVE-2018-10360.patch | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/meta/recipes-devtools/file/file/CVE-2018-10360.patch b/meta/recipes-devtools/file/file/CVE-2018-10360.patch deleted file mode 100644 index 7f5671b834..0000000000 --- a/meta/recipes-devtools/file/file/CVE-2018-10360.patch +++ /dev/null | |||
| @@ -1,32 +0,0 @@ | |||
| 1 | From df494f4ca494b5e1044052d96a6092a16ef1f6b3 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Christos Zoulas <christos@zoulas.com> | ||
| 3 | Date: Sat, 9 Jun 2018 16:00:06 +0000 | ||
| 4 | Subject: [PATCH] Avoid reading past the end of buffer (Rui Reis) | ||
| 5 | |||
| 6 | Upstream-Status: Backport | ||
| 7 | [https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22] | ||
| 8 | |||
| 9 | CVE: CVE-2018-10360 | ||
| 10 | |||
| 11 | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> | ||
| 12 | --- | ||
| 13 | src/readelf.c | 3 ++- | ||
| 14 | 1 file changed, 2 insertions(+), 1 deletion(-) | ||
| 15 | |||
| 16 | diff --git a/src/readelf.c b/src/readelf.c | ||
| 17 | index 3df0836..d96a538 100644 | ||
| 18 | --- a/src/readelf.c | ||
| 19 | +++ b/src/readelf.c | ||
| 20 | @@ -825,7 +825,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type, | ||
| 21 | |||
| 22 | cname = (unsigned char *) | ||
| 23 | &nbuf[doff + prpsoffsets(i)]; | ||
| 24 | - for (cp = cname; *cp && isprint(*cp); cp++) | ||
| 25 | + for (cp = cname; cp < nbuf + size && *cp | ||
| 26 | + && isprint(*cp); cp++) | ||
| 27 | continue; | ||
| 28 | /* | ||
| 29 | * Linux apparently appends a space at the end | ||
| 30 | -- | ||
| 31 | 2.7.4 | ||
| 32 | |||