[file] Add missing patch
Jan Kaluža
jkaluza at fedoraproject.org
Thu Oct 23 07:08:19 UTC 2014
commit 57f71cc0ee604153b029d9123cb1a281986ad6a5
Author: Jan Kaluza <jkaluza at redhat.com>
Date: Thu Oct 23 09:08:16 2014 +0200
Add missing patch
file-5.20-CVE-2014-3710.patch | 28 ++++++++++++++++++++++++++++
1 files changed, 28 insertions(+), 0 deletions(-)
---
diff --git a/file-5.20-CVE-2014-3710.patch b/file-5.20-CVE-2014-3710.patch
new file mode 100644
index 0000000..0fcf703
--- /dev/null
+++ b/file-5.20-CVE-2014-3710.patch
@@ -0,0 +1,28 @@
+From 39c7ac1106be844a5296d3eb5971946cc09ffda0 Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos at zoulas.com>
+Date: Fri, 17 Oct 2014 15:49:00 +0000
+Subject: [PATCH] Fix note bounds reading, Francisco Alonso / Red Hat
+
+---
+ ChangeLog | 4 ++++
+ src/readelf.c | 9 ++++++++-
+ 2 files changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/src/readelf.c b/src/readelf.c
+index 08f81f5..9ebdebd 100644
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -477,6 +477,13 @@ donote(struct magic_set *ms, void *vbuf, size_t offset, size_t size,
+ uint32_t namesz, descsz;
+ unsigned char *nbuf = CAST(unsigned char *, vbuf);
+
++ if (xnh_sizeof + offset > size) {
++ /*
++ * We're out of note headers.
++ */
++ return xnh_sizeof + offset;
++ }
++
+ (void)memcpy(xnh_addr, &nbuf[offset], xnh_sizeof);
+ offset += xnh_sizeof;
+
More information about the scm-commits
mailing list