wget/wget-errno-clobber.patch
Andreas Stieger dfdc30c146 Accepting request 537218 from home:AndreasStieger:branches:network:utilities
GNU wget 1.19.2
  * CVE-2017-13089: Stack overflow in HTTP protocol handling (bsc#1064715)
  * CVE-2017-13090: Heap overflow in HTTP protocol handling (bsc#1064716)

OBS-URL: https://build.opensuse.org/request/show/537218
OBS-URL: https://build.opensuse.org/package/show/network:utilities/wget?expand=0&rev=82
2017-10-27 16:40:25 +00:00

31 lines
1.3 KiB
Diff

Index: wget-1.19.2/src/http.c
===================================================================
--- wget-1.19.2.orig/src/http.c 2017-10-26 17:30:08.000000000 +0200
+++ wget-1.19.2/src/http.c 2017-10-27 17:59:48.659093393 +0200
@@ -1524,6 +1524,7 @@ persistent_available_p (const char *host
active, registered connection". */
#define CLOSE_FINISH(fd) do { \
+ int errno_sav = errno; \
if (!keep_alive) \
{ \
if (pconn_active && (fd) == pconn.socket) \
@@ -1532,14 +1533,17 @@ persistent_available_p (const char *host
fd_close (fd); \
fd = -1; \
} \
+ errno = errno_sav; \
} while (0)
#define CLOSE_INVALIDATE(fd) do { \
+ int errno_sav = errno; \
if (pconn_active && (fd) == pconn.socket) \
invalidate_persistent (); \
else \
fd_close (fd); \
fd = -1; \
+ errno = errno_sav; \
} while (0)
typedef enum