* [gentoo-commits] gentoo-x86 commit in app-text/chasen/files: chasen-2.4.4-cve-2011-4000.patch
@ 2011-12-18 6:30 Naohiro Aota (naota)
0 siblings, 0 replies; only message in thread
From: Naohiro Aota (naota) @ 2011-12-18 6:30 UTC (permalink / raw
To: gentoo-commits
naota 11/12/18 06:30:57
Added: chasen-2.4.4-cve-2011-4000.patch
Log:
Add security fix. #390769
(Portage version: 2.2.0_alpha79/cvs/Linux x86_64)
Revision Changes Path
1.1 app-text/chasen/files/chasen-2.4.4-cve-2011-4000.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-text/chasen/files/chasen-2.4.4-cve-2011-4000.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-text/chasen/files/chasen-2.4.4-cve-2011-4000.patch?rev=1.1&content-type=text/plain
Index: chasen-2.4.4-cve-2011-4000.patch
===================================================================
diff --git a/lib/chalib.c b/lib/chalib.c
index 5d79e13..cddf51b 100644
--- a/lib/chalib.c
+++ b/lib/chalib.c
@@ -306,9 +306,14 @@ chasen_sparse_main(char *input, FILE *output)
*/
while (*input) {
int c = 0, len, cursor;
- if ((crlf = strpbrk(input, "\r\n")) == NULL)
+ if ((crlf = strpbrk(input, "\r\n")) == NULL) {
len = strlen(input);
- else {
+ if (len >= CHA_INPUT_SIZE) {
+ len = CHA_INPUT_SIZE - 1;
+ crlf = input + CHA_INPUT_SIZE - 2;
+ c = 0;
+ }
+ } else {
len = crlf - input;
c = *crlf;
*crlf = '\0';
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2011-12-18 6:31 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-12-18 6:30 [gentoo-commits] gentoo-x86 commit in app-text/chasen/files: chasen-2.4.4-cve-2011-4000.patch Naohiro Aota (naota)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox