KXStudio
/
Repository
mirror of https://github.com/KXStudio/Repository
1
0
Fork 0
Code Releases 2 Activity
External, Non-PPA KXStudio Repository
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
198 Commits
1 Branch
2.9MB
Tree: b96bd431a5
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b96bd431a5'
${ noResults }
Repository/sources/libs/pcre3-static/debian/patches/upstream-patch-fixing-cve-2...

38 lines
1.1KB
Raw Blame History 

  1. From: Matthew Vernon <matthew@debian.org>

  2. Date: Thu, 18 Jun 2020 19:32:51 +0100

  3. X-Dgit-Generated: 2:8.39-13 7b88c83f87391950756256072f886a08c44ed78f

  4. Subject: upstream patch fixing CVE-2020-14155

  5. 

  6. This checks the size of the number after (?C as it is read, in order

  7. to avoid integer overflow.

  8. 

  9. ---

  10. 

  11. --- pcre3-8.39.orig/pcre_compile.c

  12. +++ pcre3-8.39/pcre_compile.c

  13. @@ -7086,17 +7086,19 @@ for (;; ptr++)

  14.            int n = 0;

  15.            ptr++;

  16.            while(IS_DIGIT(*ptr))

  17. +            { 

  18.              n = n * 10 + *ptr++ - CHAR_0;

  19. +            if (n > 255)

  20. +              {

  21. +              *errorcodeptr = ERR38;

  22. +              goto FAILED;

  23. +              }

  24. +            } 

  25.            if (*ptr != CHAR_RIGHT_PARENTHESIS)

  26.              {

  27.              *errorcodeptr = ERR39;

  28.              goto FAILED;

  29.              }

  30. -          if (n > 255)

  31. -            {

  32. -            *errorcodeptr = ERR38;

  33. -            goto FAILED;

  34. -            }

  35.            *code++ = n;

  36.            PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */

  37.            PUT(code, LINK_SIZE, 0);                          /* Default length */