xbps{,-static}: patch from master to fix a heap overflow.
This commit is contained in:
parent
3dec47818c
commit
61414bab42
4 changed files with 28 additions and 2 deletions
1
srcpkgs/xbps-static/patches
Symbolic link
1
srcpkgs/xbps-static/patches
Symbolic link
|
@ -0,0 +1 @@
|
|||
../xbps/patches
|
|
@ -3,7 +3,7 @@
|
|||
# NOTE: keep this package synchronized with "srcpkgs/xbps".
|
||||
pkgname=xbps-static
|
||||
version=0.39
|
||||
revision=1
|
||||
revision=2
|
||||
bootstrap=yes
|
||||
short_desc="The XBPS package system utilities - static binaries"
|
||||
maintainer="Juan RP <xtraeme@gmail.com>"
|
||||
|
|
|
@ -0,0 +1,25 @@
|
|||
From 68949809836220d76ecd00bf5ee7f3e57d4032bf Mon Sep 17 00:00:00 2001
|
||||
From: Juan RP <xtraeme@gmail.com>
|
||||
Date: Tue, 16 Sep 2014 09:13:32 +0200
|
||||
Subject: [PATCH] lib/package_msg.c: fix a heap overflow (noticed by @Gottox).
|
||||
|
||||
---
|
||||
lib/package_msg.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/package_msg.c b/lib/package_msg.c
|
||||
index f71dba0..f7d7ee2 100644
|
||||
--- lib/package_msg.c
|
||||
+++ lib/package_msg.c
|
||||
@@ -59,7 +59,7 @@ xbps_cb_message(struct xbps_handle *xhp, xbps_dictionary_t pkgd, const char *key
|
||||
xbps_dbg_printf(xhp, "[%s] %s: fmemopen %s\n", __func__, pkgver, strerror(rv));
|
||||
goto out;
|
||||
};
|
||||
- buf = malloc(len);
|
||||
+ buf = malloc(len+1);
|
||||
assert(buf);
|
||||
if (fread(buf, len, 1, f) != len) {
|
||||
if (ferror(f)) {
|
||||
--
|
||||
2.1.0
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
# Template file for 'xbps'
|
||||
pkgname=xbps
|
||||
version=0.39
|
||||
revision=1
|
||||
revision=2
|
||||
bootstrap=yes
|
||||
short_desc="The XBPS package system utilities"
|
||||
maintainer="Juan RP <xtraeme@gmail.com>"
|
||||
|
|
Loading…
Reference in a new issue