Commit | Line | Data |
---|---|---|
0c0c20aa AM |
1 | From 0f6c3d3f7efb5d66dabf69c36e06912d89ff96fc Mon Sep 17 00:00:00 2001 |
2 | From: Qualys Security Advisory <qsa@qualys.com> | |
3 | Date: Sun, 21 Feb 2021 19:28:28 -0800 | |
4 | Subject: [PATCH 06/29] CVE-2020-28013: Heap buffer overflow in | |
5 | parse_fix_phrase() | |
6 | ||
7 | Based on Phil Pennock's commit 8a50c88a. | |
8 | --- | |
9 | src/parse.c | 9 ++++++--- | |
10 | 1 file changed, 6 insertions(+), 3 deletions(-) | |
11 | ||
12 | diff --git a/src/parse.c b/src/parse.c | |
13 | index 4b0efa0e1..e1e2e7358 100644 | |
14 | --- a/src/parse.c | |
15 | +++ b/src/parse.c | |
16 | @@ -1149,9 +1149,12 @@ while (s < end) | |
17 | { | |
18 | if (ss >= end) ss--; | |
19 | *t++ = '('; | |
20 | - Ustrncpy(t, s, ss-s); | |
21 | - t += ss-s; | |
22 | - s = ss; | |
23 | + if (ss > s) | |
24 | + { | |
25 | + Ustrncpy(t, s, ss-s); | |
26 | + t += ss-s; | |
27 | + s = ss; | |
28 | + } | |
29 | } | |
30 | } | |
31 | ||
32 | -- | |
33 | 2.30.2 | |
34 |