community/chicken: security fixes #7402 (CVE-2017-9334)

1 files changed, 41 insertions, 0 deletions

diff --git a/community/chicken/CVE-2017-9334.patch b/community/chicken/CVE-2017-9334.patch
new file mode 100644
index 0000000000..8b593fa58b
--- /dev/null
+++ b/community/chicken/CVE-2017-9334.patch
@@ -0,0 +1,41 @@
+From 76bbb0c92c0a9e2cadac9796e55fdd2836424fdb Mon Sep 17 00:00:00 2001
+From: Peter Bex <address@hidden>
+Date: Sun, 28 May 2017 12:37:44 +0200
+Subject: [PATCH] Fix segmentation fault in "length" on improper lists.
+
+This fixes #1375
+---
+ runtime.c               | 2 +-
+ tests/library-tests.scm | 6 ++++++
+ 3 files changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/runtime.c b/runtime.c
+index 86db413..7a513c2 100644
+--- a/runtime.c
++++ b/runtime.c
+@@ -5379,7 +5379,7 @@ C_regparm C_word C_fcall C_i_length(C_word lst)
+       }
+     }
+ 
+-    if(C_immediatep(slow) || C_block_header(lst) != C_PAIR_TAG)
++    if(C_immediatep(slow) || C_block_header(slow) != C_PAIR_TAG)
+       barf(C_NOT_A_PROPER_LIST_ERROR, "length", lst);
+ 
+     slow = C_u_i_cdr(slow);
+diff --git a/tests/library-tests.scm b/tests/library-tests.scm
+index cd2f6e9..9c7cab4 100644
+--- a/tests/library-tests.scm
++++ b/tests/library-tests.scm
+@@ -693,3 +693,9 @@ A
+ (assert (not (member "foo" '("bar"))))
+ (assert (not (member "foo" '())))
+ (assert-fail (member "foo" "foo"))
++
++
++;; length
++
++(assert-fail (length 1))
++(assert-fail (length '(x . y)))
+-- 
+2.1.4
+