Fix a possible buffer overflow in transform_utf16_java()
parent
8c41ebb71d
commit
980edaa463
@ -0,0 +1,43 @@
|
|||||||
|
From 3e566ca4b17814de8bc100e3edadbed6e539874f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Reuben Thomas <rrt@sc3d.org>
|
||||||
|
Date: Wed, 11 Sep 2019 19:46:53 +0100
|
||||||
|
Subject: [PATCH] Fix a couple of potential buffer overflows
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||||
|
---
|
||||||
|
src/java.c | 2 +-
|
||||||
|
src/testdump.c | 2 +-
|
||||||
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/java.c b/src/java.c
|
||||||
|
index 05367f1..4bb8bc9 100644
|
||||||
|
--- a/src/java.c
|
||||||
|
+++ b/src/java.c
|
||||||
|
@@ -88,7 +88,7 @@ transform_utf16_java (RECODE_SUBTASK subtask)
|
||||||
|
put_byte (value, subtask);
|
||||||
|
else
|
||||||
|
{
|
||||||
|
- char buffer[7];
|
||||||
|
+ char buffer[11];
|
||||||
|
char *cursor;
|
||||||
|
|
||||||
|
sprintf (buffer, "\\u%04x", value);
|
||||||
|
diff --git a/src/testdump.c b/src/testdump.c
|
||||||
|
index ff2ee9d..bd45837 100644
|
||||||
|
--- a/src/testdump.c
|
||||||
|
+++ b/src/testdump.c
|
||||||
|
@@ -254,7 +254,7 @@ produce_count (RECODE_SUBTASK subtask)
|
||||||
|
delayed--;
|
||||||
|
}
|
||||||
|
|
||||||
|
- sprintf (buffer, "%*u %.4X", (int)count_width, (*cursor)->count, character);
|
||||||
|
+ snprintf (buffer, sizeof(buffer), "%*u %.4X", (int)count_width, (*cursor)->count, character);
|
||||||
|
put_string (buffer, subtask);
|
||||||
|
if (mnemonic)
|
||||||
|
{
|
||||||
|
--
|
||||||
|
2.21.0
|
||||||
|
|
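Review bot: In the src/java.c hunk the `sprintf (buffer, "\\u%04x", value);` call stays unbounded, so the fix depends entirely on `char buffer[11]` being large enough. `%04x` is a minimum width, not a maximum, so 11 bytes cover `\u`, up to eight hex digits and the terminator only if `value` is no wider than 32 bits; its declaration is outside the hunk and should be confirmed. Bounding the call the way the src/testdump.c hunk does, `snprintf (buffer, sizeof buffer, "\\u%04x", value);`, would keep the write inside the array whatever the type. In produce_count() the `snprintf` return value is ignored, so a truncated line would be passed to `put_string` silently; the declaration of `buffer` there is also outside the hunk.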
@ -58,6 +58,9 @@ URL: https://github.com/rrthomas/recode
|
|||||||
Source: %{url}/releases/download/v%{version}/recode-%{version}.tar.gz
|
Source: %{url}/releases/download/v%{version}/recode-%{version}.tar.gz
|
||||||
# Make internal hash function identifiers unique
|
# Make internal hash function identifiers unique
|
||||||
Patch0: recode-3.7.1-Rename-coliding-hash-functions.patch
|
Patch0: recode-3.7.1-Rename-coliding-hash-functions.patch
|
||||||
|
# Fix a possible buffer overflow in transform_utf16_java(),
|
||||||
|
# in upstream after 3.7.5
|
||||||
|
Patch1: recode-3.7.5-Fix-a-couple-of-potential-buffer-overflows.patch
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: coreutils
|
BuildRequires: coreutils
|
||||||
@ -96,6 +99,7 @@ This package provides deader files for recode library.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
%patch0 -p1
|
%patch0 -p1
|
||||||
|
%patch1 -p1
|
||||||
autoreconf -fi
|
autoreconf -fi
|
||||||
|
|
||||||
%build
|
%build
|
||||||
@ -145,6 +149,7 @@ rm $RPM_BUILD_ROOT%{_libdir}/*.la
|
|||||||
%changelog
|
%changelog
|
||||||
* Thu Sep 12 2019 Petr Pisar <ppisar@redhat.com> - 3.7.5-1
|
* Thu Sep 12 2019 Petr Pisar <ppisar@redhat.com> - 3.7.5-1
|
||||||
- 3.7.5 bump
|
- 3.7.5 bump
|
||||||
|
- Fix a possible buffer overflow in transform_utf16_java()
|
||||||
|
|
||||||
* Mon Sep 02 2019 Petr Pisar <ppisar@redhat.com> - 3.7.4-1
|
* Mon Sep 02 2019 Petr Pisar <ppisar@redhat.com> - 3.7.4-1
|
||||||
- 3.7.4 bump
|
- 3.7.4 bump
|
||||||
|
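Review bot: The comment added above `Patch1:` and the new changelog entry name only transform_utf16_java(), but the patch being applied also changes produce_count() in src/testdump.c from `sprintf` to `snprintf`. Someone auditing the package from the spec alone would miss the second fix. Consider wording such as `# Fix possible buffer overflows in transform_utf16_java() and produce_count(),` with a matching changelog line.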