diff options
author | Marius Bakke <mbakke@fastmail.com> | 2018-12-26 16:03:09 +0100 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2018-12-26 16:03:09 +0100 |
commit | 2bfcdbce51cf09a856ac0e43bb1a554b0110e1df (patch) | |
tree | 9d6a801ec5d6ccedf4ad600e8748b8c9d24315c7 /gnu/packages/patches | |
parent | e99d036828bd7d01bfd108f3d5a2f7de61fab32d (diff) | |
parent | 10275b7466853fce6d5b925f0267c20c304ba25a (diff) | |
download | guix-2bfcdbce51cf09a856ac0e43bb1a554b0110e1df.tar guix-2bfcdbce51cf09a856ac0e43bb1a554b0110e1df.tar.gz |
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r-- | gnu/packages/patches/file-CVE-2018-10360.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/gnu/packages/patches/file-CVE-2018-10360.patch b/gnu/packages/patches/file-CVE-2018-10360.patch new file mode 100644 index 0000000000..9285611c04 --- /dev/null +++ b/gnu/packages/patches/file-CVE-2018-10360.patch @@ -0,0 +1,27 @@ +https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22.patch +The leading part of the patch starting at line 27 was trimmed off. +This patch should be OK to drop with file@5.35. + +From a642587a9c9e2dd7feacdf513c3643ce26ad3c22 Mon Sep 17 00:00:00 2001 +From: Christos Zoulas <christos@zoulas.com> +Date: Sat, 9 Jun 2018 16:00:06 +0000 +Subject: [PATCH] Avoid reading past the end of buffer (Rui Reis) + +--- + src/readelf.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/src/readelf.c b/src/readelf.c +index 79c83f9f5..1f41b4611 100644 +--- a/src/readelf.c ++++ b/src/readelf.c +@@ -842,7 +842,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type, + + cname = (unsigned char *) + &nbuf[doff + prpsoffsets(i)]; +- for (cp = cname; *cp && isprint(*cp); cp++) ++ for (cp = cname; cp < nbuf + size && *cp ++ && isprint(*cp); cp++) + continue; + /* + * Linux apparently appends a space at the end |