Marcus Meissner
57b47b362a
- add less-458-out_of_bounds_read.patch to fix an "out of bounds read access in the UTF-8" vulnerability (bnc#921719), (CVE-2014-9488) OBS-URL: https://build.opensuse.org/request/show/290992 OBS-URL: https://build.opensuse.org/package/show/Base:System/less?expand=0&rev=50
14 lines
472 B
Diff
14 lines
472 B
Diff
Index: less-458/line.c
|
|
===================================================================
|
|
--- less-458.orig/line.c
|
|
+++ less-458/line.c
|
|
@@ -828,7 +828,7 @@ pappend(c, pos)
|
|
mbc_buf[mbc_buf_index++] = c;
|
|
if (mbc_buf_index < mbc_buf_len)
|
|
return (0);
|
|
- if (is_utf8_well_formed(mbc_buf))
|
|
+ if (is_utf8_well_formed(mbc_buf, mbc_buf_index))
|
|
r = do_append(get_wchar(mbc_buf), mbc_buf, mbc_pos);
|
|
else
|
|
/* Complete, but not shortest form, sequence. */
|