diff options
Diffstat (limited to 'main/busybox/0015-CVE-2017-15874.patch')
| -rw-r--r-- | main/busybox/0015-CVE-2017-15874.patch | 31 |
1 files changed, 0 insertions, 31 deletions
diff --git a/main/busybox/0015-CVE-2017-15874.patch b/main/busybox/0015-CVE-2017-15874.patch deleted file mode 100644 index f2ec506ef5..0000000000 --- a/main/busybox/0015-CVE-2017-15874.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 9ac42c500586fa5f10a1f6d22c3f797df11b1f6b Mon Sep 17 00:00:00 2001 -From: Denys Vlasenko <vda.linux@googlemail.com> -Date: Fri, 27 Oct 2017 15:37:03 +0200 -Subject: unlzma: fix SEGV, closes 10436 - -Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> ---- - archival/libarchive/decompress_unlzma.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/archival/libarchive/decompress_unlzma.c b/archival/libarchive/decompress_unlzma.c -index a904087..be43424 100644 ---- a/archival/libarchive/decompress_unlzma.c -+++ b/archival/libarchive/decompress_unlzma.c -@@ -450,8 +450,12 @@ unpack_lzma_stream(transformer_state_t *xstate) - IF_NOT_FEATURE_LZMA_FAST(string:) - do { - uint32_t pos = buffer_pos - rep0; -- if ((int32_t)pos < 0) -+ if ((int32_t)pos < 0) { - pos += header.dict_size; -+ /* bug 10436 has an example file where this triggers: */ -+ if ((int32_t)pos < 0) -+ goto bad; -+ } - previous_byte = buffer[pos]; - IF_NOT_FEATURE_LZMA_FAST(one_byte2:) - buffer[buffer_pos++] = previous_byte; --- -cgit v0.12 - |