forked from pool/at-spi2-core
d8d7b85719
- Add at-spi2-core-bgo791124-buffer-overflow.patch: fix possible buffer overflow reading dbus address in at-spi-bus-launcher (bgo#791124). - Add at-spi2-core-bgo791167-reproducible-build.patch: use @basename@ in templates, rather than @filename@; fixes build reproducibility and multiarch conflict (bgo#791167). OBS-URL: https://build.opensuse.org/request/show/548496 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/at-spi2-core?expand=0&rev=172
29 lines
862 B
Diff
29 lines
862 B
Diff
From c2e87fe00b596dba20c9d57d406ab8faa744b15a Mon Sep 17 00:00:00 2001
|
|
From: Maya Rashish <maya@NetBSD.org>
|
|
Date: Sat, 2 Dec 2017 13:24:29 +0200
|
|
Subject: [PATCH 1/2] Fix inverted logic.
|
|
|
|
Don't write more into a buffer than it can hold.
|
|
|
|
https://bugzilla.gnome.org/show_bug.cgi?id=791124
|
|
---
|
|
bus/at-spi-bus-launcher.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/bus/at-spi-bus-launcher.c b/bus/at-spi-bus-launcher.c
|
|
index 261353f..eb2b8e3 100644
|
|
--- a/bus/at-spi-bus-launcher.c
|
|
+++ b/bus/at-spi-bus-launcher.c
|
|
@@ -244,7 +244,7 @@ unix_read_all_fd_to_string (int fd,
|
|
{
|
|
ssize_t bytes_read;
|
|
|
|
- while (max_bytes > 1 && (bytes_read = read (fd, buf, MAX (4096, max_bytes - 1))))
|
|
+ while (max_bytes > 1 && (bytes_read = read (fd, buf, MIN (4096, max_bytes - 1))))
|
|
{
|
|
if (bytes_read < 0)
|
|
return FALSE;
|
|
--
|
|
2.15.0
|
|
|