forked from pool/libical
d2fbb3222f
- Add fixes for various crashes: libical-boo986631-read-past-end.patch libical-boo986631-check-prev-char.patch libical-parser-sanity-check.patch libical-timezone-use-after-free.patch libical-boo1015964-use-after-free.patch Fixes boo#986631 (CVE-2016-5827), boo#986639 (CVE-2016-5824), boo#1015964 (CVE-2016-9584), and boo#1044995. OBS-URL: https://build.opensuse.org/request/show/505726 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libical?expand=0&rev=43
28 lines
814 B
Diff
28 lines
814 B
Diff
From 6b9438d746cec6e4e632d78c5244f4be6314d1c9 Mon Sep 17 00:00:00 2001
|
|
From: Allen Winter <allen.winter@kdab.com>
|
|
Date: Sun, 28 May 2017 12:51:10 -0400
|
|
Subject: [PATCH] icaltypes.c - icalreqstattype_from_string(), copy the
|
|
reqstattype's debug string into its own memory in the ring buffer.
|
|
|
|
Issue#253
|
|
---
|
|
src/libical/icaltypes.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/libical/icaltypes.c b/src/libical/icaltypes.c
|
|
index 70c50d29..85c33545 100644
|
|
--- a/src/libical/icaltypes.c
|
|
+++ b/src/libical/icaltypes.c
|
|
@@ -140,7 +140,7 @@ struct icalreqstattype icalreqstattype_from_string(const char *str)
|
|
|
|
p2 = strchr(p1 + 1, ';');
|
|
if (p2 != 0 && *p2 != 0) {
|
|
- stat.debug = p2 + 1;
|
|
+ stat.debug = icalmemory_tmp_copy(p2 + 1);
|
|
}
|
|
|
|
return stat;
|
|
--
|
|
2.12.3
|
|
|