[jackhill/guix/guix.git] / gnu / packages / patches / icu4c-CVE-2014-6585.patch

Copied from Debian.

description: out-of-bounds read
origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6585

--- a/source/layout/LETableReference.h
+++ b/source/layout/LETableReference.h
@@ -322,7 +322,12 @@ LE_TRACE_TR("INFO: new RTAO")
   }
   
   const T& operator()(le_uint32 i, LEErrorCode &success) const {
-    return *getAlias(i,success);
+    const T *ret = getAlias(i,success);
+    if (LE_FAILURE(success) || ret==NULL) {
+      return *(new T());
+    } else {
+      return *ret;
+    }
   }
 
   size_t getOffsetFor(le_uint32 i, LEErrorCode &success) const {
Commit	Line	Data
65d54af4 MW	1	Copied from Debian.
	2
	3	description: out-of-bounds read
	4	origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6585
	5
	6	--- a/source/layout/LETableReference.h
	7	+++ b/source/layout/LETableReference.h
	8	@@ -322,7 +322,12 @@ LE_TRACE_TR("INFO: new RTAO")
	9	}
	10
	11	const T& operator()(le_uint32 i, LEErrorCode &success) const {
	12	- return *getAlias(i,success);
	13	+ const T *ret = getAlias(i,success);
	14	+ if (LE_FAILURE(success) \|\| ret==NULL) {
	15	+ return *(new T());
	16	+ } else {
	17	+ return *ret;
	18	+ }
	19	}
	20
	21	size_t getOffsetFor(le_uint32 i, LEErrorCode &success) const {