1708d98eba
* Mon Nov 14 2022 Arjun Shankar <arjun@redhat.com> - 2.34-49 - Sync with upstream branch release/2.34/master, commit: 75b0edb7ef338084e53925139ae81fb0dfc07dd4: - Update NEWS file in the right place - Linux: Support __IPC_64 in sysvctl *ctl command arguments (bug 29771) - io: Fix use-after-free in ftw [BZ #26779] - io: Fix ftw internal realloc buffer (BZ #28126) - regex: fix buffer read overrun in search [BZ#28470] - regex: copy back from Gnulib - Allow #pragma GCC in headers in conformtest - Fix memmove call in vfprintf-internal.c:group_number - mktime: improve heuristic for ca-1986 Indiana DST - Makerules: fix MAKEFLAGS assignment for upcoming make-4.4 [BZ# 29564] - linux: Fix generic struct_stat for 64 bit time (BZ# 29657) - elf: Do not completely clear reused namespace in dlmopen (bug 29600) - nss: Use shared prefix in IPv4 address in tst-reload1 - nss: Fix tst-nss-files-hosts-long on single-stack hosts (bug 24816) - nss: Implement --no-addrconfig option for getent Resolves: #2141728 Resolves: #2110357 Resolves: #2141685
26 lines
905 B
Diff
26 lines
905 B
Diff
commit deea6ab1bcb2696be514e579f3263c234ecc1683
|
|
Author: Martin Sebor <msebor@redhat.com>
|
|
Date: Tue Jan 25 17:39:02 2022 -0700
|
|
|
|
io: Fix use-after-free in ftw [BZ #26779]
|
|
|
|
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
|
|
(cherry picked from commit ee52ab25ba875f458981fce22c54e3c04c7a17d3)
|
|
|
|
diff --git a/io/ftw.c b/io/ftw.c
|
|
index cf08d9f101657df0..91a4e8e6de151ca1 100644
|
|
--- a/io/ftw.c
|
|
+++ b/io/ftw.c
|
|
@@ -324,8 +324,9 @@ open_dir_stream (int *dfdp, struct ftw_data *data, struct dir_data *dirp)
|
|
buf[actsize++] = '\0';
|
|
|
|
/* Shrink the buffer to what we actually need. */
|
|
- data->dirstreams[data->actdir]->content = realloc (buf, actsize);
|
|
- if (data->dirstreams[data->actdir]->content == NULL)
|
|
+ void *content = realloc (buf, actsize);
|
|
+ data->dirstreams[data->actdir]->content = content;
|
|
+ if (content == NULL)
|
|
{
|
|
int save_err = errno;
|
|
free (buf);
|