Commit | Line | Data |
---|---|---|
e47c69f2 EF |
1 | https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22.patch |
2 | The leading part of the patch starting at line 27 was trimmed off. | |
3 | This patch should be OK to drop with file@5.35. | |
4 | ||
5 | From a642587a9c9e2dd7feacdf513c3643ce26ad3c22 Mon Sep 17 00:00:00 2001 | |
6 | From: Christos Zoulas <christos@zoulas.com> | |
7 | Date: Sat, 9 Jun 2018 16:00:06 +0000 | |
8 | Subject: [PATCH] Avoid reading past the end of buffer (Rui Reis) | |
9 | ||
10 | --- | |
11 | src/readelf.c | 5 +++-- | |
12 | 1 file changed, 3 insertions(+), 2 deletions(-) | |
13 | ||
14 | diff --git a/src/readelf.c b/src/readelf.c | |
15 | index 79c83f9f5..1f41b4611 100644 | |
16 | --- a/src/readelf.c | |
17 | +++ b/src/readelf.c | |
18 | @@ -842,7 +842,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type, | |
19 | ||
20 | cname = (unsigned char *) | |
21 | &nbuf[doff + prpsoffsets(i)]; | |
22 | - for (cp = cname; *cp && isprint(*cp); cp++) | |
23 | + for (cp = cname; cp < nbuf + size && *cp | |
24 | + && isprint(*cp); cp++) | |
25 | continue; | |
26 | /* | |
27 | * Linux apparently appends a space at the end |