diff options
author | Mike Frysinger <vapier@gentoo.org> | 2016-02-14 14:46:49 -0500 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2016-02-14 14:47:27 -0500 |
commit | 5a7c109933aac0f9de580513346ebe94f3acd4f2 (patch) | |
tree | 510751ffcee6b0a45a8cab6e105d7910c0954cea /app-arch/cpio/files | |
parent | app-arch/cpio: drop autotools usage (diff) | |
download | gentoo-5a7c109933aac0f9de580513346ebe94f3acd4f2.tar.gz gentoo-5a7c109933aac0f9de580513346ebe94f3acd4f2.tar.bz2 gentoo-5a7c109933aac0f9de580513346ebe94f3acd4f2.zip |
app-arch/cpio: fix small buffer overflow #572428
Diffstat (limited to 'app-arch/cpio/files')
-rw-r--r-- | app-arch/cpio/files/cpio-2.12-name-overflow.patch | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/app-arch/cpio/files/cpio-2.12-name-overflow.patch b/app-arch/cpio/files/cpio-2.12-name-overflow.patch new file mode 100644 index 000000000000..f85246884c39 --- /dev/null +++ b/app-arch/cpio/files/cpio-2.12-name-overflow.patch @@ -0,0 +1,15 @@ +https://bugs.gentoo.org/572428 +https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00002.html +http://seclists.org/oss-sec/2016/q1/136 + +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -1385,6 +1385,8 @@ + break; + } + ++ if (file_hdr.c_namesize <= 1) ++ file_hdr.c_name = xrealloc (file_hdr.c_name, 2); + cpio_safer_name_suffix (file_hdr.c_name, false, !no_abs_paths_flag, + false); + |