From f869b1f6937caeec034a60afed9e9a1ebd7da18a Mon Sep 17 00:00:00 2001 From: Matthias Clasen Date: Tue, 1 Jul 2008 03:27:14 +0000 Subject: [PATCH] Apply fix for CVE-2008-2371 to fix a heap-based buffer overflow. * glib/pcre/pcre_compile.c: Apply fix for CVE-2008-2371 to fix a heap-based buffer overflow. svn path=/trunk/; revision=7123 --- ChangeLog | 5 +++++ glib/pcre/pcre_compile.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 9af8de484..b5bc37e77 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2008-06-30 Matthias Clasen + + * glib/pcre/pcre_compile.c: Apply fix for CVE-2008-2371 to + fix a heap-based buffer overflow. + 2008-06-29 Björn Lindqvist Bug 539626 – Update docstrings for g_object_freeze_notify and diff --git a/glib/pcre/pcre_compile.c b/glib/pcre/pcre_compile.c index 514127f21..54756bc74 100644 --- a/glib/pcre/pcre_compile.c +++ b/glib/pcre/pcre_compile.c @@ -4807,7 +4807,7 @@ we set the flag only if there is a literal "\r" or "\n" in the class. */ (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE)) { cd->external_options = newoptions; - options = newoptions; + options = *optionsptr = newoptions; } else {