file: update to 5.38.
This commit is contained in:
Anthony Iliopoulos
Piotr
parent
3be8e9e858
commit
3b48c554a4
2 changed files with 4 additions and 63 deletions
|
|
@ -1,59 +0,0 @@
|
|||
From ba28c7f45bc1fd8cf882ad21ce619655c2736d7b Mon Sep 17 00:00:00 2001
|
||||
From: Christos Zoulas <christos@zoulas.com>
|
||||
Date: Mon, 26 Aug 2019 14:31:39 +0000
|
||||
Subject: [PATCH] Limit the number of elements in a vector (found by oss-fuzz)
|
||||
|
||||
---
|
||||
src/cdf.c | 9 ++++-----
|
||||
src/cdf.h | 1 +
|
||||
2 files changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/cdf.c b/src/cdf.c
|
||||
index 556a3ff8..e4835fef 100644
|
||||
--- src/cdf.c
|
||||
+++ src/cdf.c
|
||||
@@ -35,7 +35,7 @@
|
||||
#include "file.h"
|
||||
|
||||
#ifndef lint
|
||||
-FILE_RCSID("@(#)$File: cdf.c,v 1.114 2019/02/20 02:35:27 christos Exp $")
|
||||
+FILE_RCSID("@(#)$File: cdf.c,v 1.116 2019/08/26 14:31:39 christos Exp $")
|
||||
#endif
|
||||
|
||||
#include <assert.h>
|
||||
@@ -1013,8 +1013,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
|
||||
goto out;
|
||||
}
|
||||
nelements = CDF_GETUINT32(q, 1);
|
||||
- if (nelements == 0) {
|
||||
- DPRINTF(("CDF_VECTOR with nelements == 0\n"));
|
||||
+ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
|
||||
+ DPRINTF(("CDF_VECTOR with nelements == %"
|
||||
+ SIZE_T_FORMAT "u\n", nelements));
|
||||
goto out;
|
||||
}
|
||||
slen = 2;
|
||||
@@ -1056,8 +1057,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
|
||||
goto out;
|
||||
inp += nelem;
|
||||
}
|
||||
- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
|
||||
- nelements));
|
||||
for (j = 0; j < nelements && i < sh.sh_properties;
|
||||
j++, i++)
|
||||
{
|
||||
diff --git a/src/cdf.h b/src/cdf.h
|
||||
index 2f7e554b..05056668 100644
|
||||
--- src/cdf.h
|
||||
+++ src/cdf.h
|
||||
@@ -48,6 +48,7 @@
|
||||
typedef int32_t cdf_secid_t;
|
||||
|
||||
#define CDF_LOOP_LIMIT 10000
|
||||
+#define CDF_ELEMENT_LIMIT 100000
|
||||
|
||||
#define CDF_SECID_NULL 0
|
||||
#define CDF_SECID_FREE -1
|
||||
--
|
||||
2.23.0
|
||||
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
# Template file for 'file'
|
||||
pkgname=file
|
||||
version=5.37
|
||||
revision=2
|
||||
version=5.38
|
||||
revision=1
|
||||
bootstrap=yes
|
||||
build_style=gnu-configure
|
||||
configure_args="--enable-static"
|
||||
|
|
@ -10,8 +10,8 @@ short_desc="File type identification utility"
|
|||
maintainer="Enno Boland <gottox@voidlinux.org>"
|
||||
license="BSD-2-Clause"
|
||||
homepage="http://www.darwinsys.com/file/"
|
||||
distfiles="ftp://ftp.astron.com/pub/file/file-${version}.tar.gz"
|
||||
checksum=e9c13967f7dd339a3c241b7710ba093560b9a33013491318e88e6b8b57bae07f
|
||||
distfiles="https://astron.com/pub/file/file-${version}.tar.gz"
|
||||
checksum=593c2ffc2ab349c5aea0f55fedfe4d681737b6b62376a9b3ad1e77b2cc19fa34
|
||||
|
||||
if [ "$CROSS_BUILD" ]; then
|
||||
# XXX cross compilation needs exactly the same version for the host
|
||||
|
|
|
|||
Loading…
Reference in a new issue