mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-27 06:42:14 -05:00
b66fc0a64b
* gnu/packages/patches/bsdiff-CVE-2014-9862.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/compression.scm (bsdiff): Apply it.
15 lines
304 B
Diff
15 lines
304 B
Diff
diff --git a/bspatch.c b/bspatch.c
|
|
index 8d95633..ab77722 100644
|
|
--- a/bspatch.c
|
|
+++ b/bspatch.c
|
|
|
|
@@ -187,6 +187,10 @@
|
|
};
|
|
|
|
/* Sanity-check */
|
|
+ if ((ctrl[0] < 0) || (ctrl[1] < 0))
|
|
+ errx(1,"Corrupt patch\n");
|
|
+
|
|
+ /* Sanity-check */
|
|
if(newpos+ctrl[0]>newsize)
|
|
errx(1,"Corrupt patch\n");
|