ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2024-11-08 07:56:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
guix/gnu/packages/patches/glib-CVE-2021-27219-14.patch
Mark H Weaver 21b3b75515
gnu: glib: Fix CVE-2021-27218 and CVE-2021-27219. 
* gnu/packages/patches/glib-CVE-2021-27218.patch,
gnu/packages/patches/glib-CVE-2021-27219-01.patch,
gnu/packages/patches/glib-CVE-2021-27219-02.patch,
gnu/packages/patches/glib-CVE-2021-27219-03.patch,
gnu/packages/patches/glib-CVE-2021-27219-04.patch,
gnu/packages/patches/glib-CVE-2021-27219-05.patch,
gnu/packages/patches/glib-CVE-2021-27219-06.patch,
gnu/packages/patches/glib-CVE-2021-27219-07.patch,
gnu/packages/patches/glib-CVE-2021-27219-08.patch,
gnu/packages/patches/glib-CVE-2021-27219-09.patch,
gnu/packages/patches/glib-CVE-2021-27219-10.patch,
gnu/packages/patches/glib-CVE-2021-27219-11.patch,
gnu/packages/patches/glib-CVE-2021-27219-12.patch,
gnu/packages/patches/glib-CVE-2021-27219-13.patch,
gnu/packages/patches/glib-CVE-2021-27219-14.patch,
gnu/packages/patches/glib-CVE-2021-27219-15.patch,
gnu/packages/patches/glib-CVE-2021-27219-16.patch,
gnu/packages/patches/glib-CVE-2021-27219-17.patch,
gnu/packages/patches/glib-CVE-2021-27219-18.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/glib.scm (glib)[replacement]: New field.
(glib/fixed): New variable.
2021-03-11 06:21:13 -05:00

32 lines
1.1 KiB
Diff
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

From 4506d1859a863087598c8d122740bae25b65b099 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Mon, 8 Feb 2021 10:04:48 +0000
Subject: [PATCH 4/5] gtlspassword: Fix inverted assertion
The intention here was to assert that the length of the password fits
in a gssize. Passwords more than half the size of virtual memory are
probably excessive.
Fixes: a8b204ff "gtlspassword: Forbid very long TLS passwords"
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 61bb52ec42de1082bfb06ce1c737fc295bfe60b8)
---
gio/gtlspassword.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gio/gtlspassword.c b/gio/gtlspassword.c
index dbcec41a8..bd86a6dfe 100644
--- a/gio/gtlspassword.c
+++ b/gio/gtlspassword.c
@@ -291,7 +291,7 @@ g_tls_password_set_value (GTlsPassword *password,
{
/* FIXME: g_tls_password_set_value_full() doesnt support unsigned gsize */
gsize length_unsigned = strlen ((gchar *) value);
- g_return_if_fail (length_unsigned > G_MAXSSIZE);
+ g_return_if_fail (length_unsigned <= G_MAXSSIZE);
length = (gssize) length_unsigned;
}
--
2.30.1
Reference in a new issue View git blame Copy permalink