diff options
| author | William Pitcock <nenolod@dereferenced.org> | 2017-10-12 00:51:20 +0000 |
|---|---|---|
| committer | William Pitcock <nenolod@dereferenced.org> | 2017-10-12 00:51:20 +0000 |
| commit | afdba0ba0b8c0e92c376e7f1bfb151c07bf654b6 (patch) | |
| tree | 8b8e5b58057c394a57e427ba8776a933c8377335 /main/musl/0061-fix-OOB-reads-in-Xbyte_memmem.patch | |
| parent | ba95a098380de3c708a38dbecc0a8aae077d7574 (diff) | |
| download | aports-afdba0ba0b8c0e92c376e7f1bfb151c07bf654b6.tar.bz2 aports-afdba0ba0b8c0e92c376e7f1bfb151c07bf654b6.tar.xz | |
main/musl: update to alpine version 1.1.16-r21
- incorporate unreleased upstream bugfixes from august to present:
- fix OOB reads in memmem implementations
- fix undefined behaviour in memset
- fix memory leak in clearenv
- fix unicode processing bugs
- fix signal masking issue with pthread_create
- fix glob descent with GLOB_PERIOD
- implement fopencookie(3)
Diffstat (limited to 'main/musl/0061-fix-OOB-reads-in-Xbyte_memmem.patch')
| -rw-r--r-- | main/musl/0061-fix-OOB-reads-in-Xbyte_memmem.patch | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/main/musl/0061-fix-OOB-reads-in-Xbyte_memmem.patch b/main/musl/0061-fix-OOB-reads-in-Xbyte_memmem.patch new file mode 100644 index 0000000000..42684d8328 --- /dev/null +++ b/main/musl/0061-fix-OOB-reads-in-Xbyte_memmem.patch @@ -0,0 +1,54 @@ +From 51bdcdc424bd7169c8cccdc2de7cad17f5ea0f70 Mon Sep 17 00:00:00 2001 +From: Alexander Monakov <amonakov@ispras.ru> +Date: Fri, 30 Jun 2017 00:35:33 +0300 +Subject: [PATCH 21/30] fix OOB reads in Xbyte_memmem + +Reported by Leah Neukirchen. +--- + src/string/memmem.c | 18 +++++++++--------- + 1 file changed, 9 insertions(+), 9 deletions(-) + +diff --git a/src/string/memmem.c b/src/string/memmem.c +index 4be6a310..54a66e46 100644 +--- a/src/string/memmem.c ++++ b/src/string/memmem.c +@@ -5,27 +5,27 @@ + static char *twobyte_memmem(const unsigned char *h, size_t k, const unsigned char *n) + { + uint16_t nw = n[0]<<8 | n[1], hw = h[0]<<8 | h[1]; +- for (h++, k--; k; k--, hw = hw<<8 | *++h) +- if (hw == nw) return (char *)h-1; +- return 0; ++ for (h+=2, k-=2; k; k--, hw = hw<<8 | *h++) ++ if (hw == nw) return (char *)h-2; ++ return hw == nw ? (char *)h-2 : 0; + } + + static char *threebyte_memmem(const unsigned char *h, size_t k, const unsigned char *n) + { + uint32_t nw = n[0]<<24 | n[1]<<16 | n[2]<<8; + uint32_t hw = h[0]<<24 | h[1]<<16 | h[2]<<8; +- for (h+=2, k-=2; k; k--, hw = (hw|*++h)<<8) +- if (hw == nw) return (char *)h-2; +- return 0; ++ for (h+=3, k-=3; k; k--, hw = (hw|*h++)<<8) ++ if (hw == nw) return (char *)h-3; ++ return hw == nw ? (char *)h-3 : 0; + } + + static char *fourbyte_memmem(const unsigned char *h, size_t k, const unsigned char *n) + { + uint32_t nw = n[0]<<24 | n[1]<<16 | n[2]<<8 | n[3]; + uint32_t hw = h[0]<<24 | h[1]<<16 | h[2]<<8 | h[3]; +- for (h+=3, k-=3; k; k--, hw = hw<<8 | *++h) +- if (hw == nw) return (char *)h-3; +- return 0; ++ for (h+=4, k-=4; k; k--, hw = hw<<8 | *h++) ++ if (hw == nw) return (char *)h-4; ++ return hw == nw ? (char *)h-4 : 0; + } + + #define MAX(a,b) ((a)>(b)?(a):(b)) +-- +2.13.3 + |