aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/glib-CVE-2021-27219-14.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/glib-CVE-2021-27219-14.patch')
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-14.patch32
1 files changed, 32 insertions, 0 deletions
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-14.patch b/gnu/packages/patches/glib-CVE-2021-27219-14.patch
new file mode 100644
index 0000000000..78de2846da
--- /dev/null
+++ b/gnu/packages/patches/glib-CVE-2021-27219-14.patch
@@ -0,0 +1,32 @@
+From 4506d1859a863087598c8d122740bae25b65b099 Mon Sep 17 00:00:00 2001
+From: Simon McVittie <smcv@collabora.com>
+Date: Mon, 8 Feb 2021 10:04:48 +0000
+Subject: [PATCH 4/5] gtlspassword: Fix inverted assertion
+
+The intention here was to assert that the length of the password fits
+in a gssize. Passwords more than half the size of virtual memory are
+probably excessive.
+
+Fixes: a8b204ff "gtlspassword: Forbid very long TLS passwords"
+Signed-off-by: Simon McVittie <smcv@collabora.com>
+(cherry picked from commit 61bb52ec42de1082bfb06ce1c737fc295bfe60b8)
+---
+ gio/gtlspassword.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gio/gtlspassword.c b/gio/gtlspassword.c
+index dbcec41a8..bd86a6dfe 100644
+--- a/gio/gtlspassword.c
++++ b/gio/gtlspassword.c
+@@ -291,7 +291,7 @@ g_tls_password_set_value (GTlsPassword *password,
+ {
+ /* FIXME: g_tls_password_set_value_full() doesn’t support unsigned gsize */
+ gsize length_unsigned = strlen ((gchar *) value);
+- g_return_if_fail (length_unsigned > G_MAXSSIZE);
++ g_return_if_fail (length_unsigned <= G_MAXSSIZE);
+ length = (gssize) length_unsigned;
+ }
+
+--
+2.30.1
+