forked from pool/rtl_433
b60d5aea72
- Add patch to fix security issue: CVE-2022-27419 (bsc#1198434) * 0001-Fix-overflow-in-Acurite-00275rm-closes-2012.patch OBS-URL: https://build.opensuse.org/request/show/969759 OBS-URL: https://build.opensuse.org/package/show/hardware:sdr/rtl_433?expand=0&rev=25
36 lines
1.3 KiB
Diff
36 lines
1.3 KiB
Diff
From 37455483889bd1c641bdaafc493d1cc236b74904 Mon Sep 17 00:00:00 2001
|
|
From: "Christian W. Zuckschwerdt" <christian@zuckschwerdt.org>
|
|
Date: Fri, 18 Mar 2022 08:09:15 +0100
|
|
Subject: [PATCH] Fix overflow in Acurite-00275rm (closes #2012)
|
|
|
|
---
|
|
src/devices/acurite.c | 6 +++---
|
|
1 file changed, 3 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/devices/acurite.c b/src/devices/acurite.c
|
|
index 6879e52d..4f3e83eb 100644
|
|
--- a/src/devices/acurite.c
|
|
+++ b/src/devices/acurite.c
|
|
@@ -1318,15 +1318,15 @@ static int acurite_00275rm_decode(r_device *decoder, bitbuffer_t *bitbuffer)
|
|
|
|
// Combine signal if exactly three repeats were found
|
|
if (n_rows == 3) {
|
|
- uint8_t *b = bitbuffer->bb[bitbuffer->num_rows];
|
|
+ bitbuffer_add_row(bitbuffer);
|
|
+ uint8_t *b = bitbuffer->bb[bitbuffer->num_rows - 1];
|
|
for (int i = 0; i < 11; ++i) {
|
|
// The majority bit count wins
|
|
b[i] = (b_rows[0][i] & b_rows[1][i]) |
|
|
(b_rows[1][i] & b_rows[2][i]) |
|
|
(b_rows[2][i] & b_rows[0][i]);
|
|
}
|
|
- bitbuffer->bits_per_row[bitbuffer->num_rows] = 88;
|
|
- bitbuffer->num_rows += 1;
|
|
+ bitbuffer->bits_per_row[bitbuffer->num_rows - 1] = 88;
|
|
}
|
|
|
|
// Output the first valid row
|
|
--
|
|
2.35.1
|
|
|