Commit | Line | Data |
---|---|---|
65d54af4 MW |
1 | Copied from Debian. |
2 | ||
3 | description: out-of-bounds read | |
4 | origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6585 | |
5 | ||
6 | --- a/source/layout/LETableReference.h | |
7 | +++ b/source/layout/LETableReference.h | |
8 | @@ -322,7 +322,12 @@ LE_TRACE_TR("INFO: new RTAO") | |
9 | } | |
10 | ||
11 | const T& operator()(le_uint32 i, LEErrorCode &success) const { | |
12 | - return *getAlias(i,success); | |
13 | + const T *ret = getAlias(i,success); | |
14 | + if (LE_FAILURE(success) || ret==NULL) { | |
15 | + return *(new T()); | |
16 | + } else { | |
17 | + return *ret; | |
18 | + } | |
19 | } | |
20 | ||
21 | size_t getOffsetFor(le_uint32 i, LEErrorCode &success) const { |