diff options
| author | Felix Yan | 2015-07-23 19:55:08 +0800 |
|---|---|---|
| committer | Felix Yan | 2015-07-23 19:55:08 +0800 |
| commit | 46328e7f9a997f2080d9b01ea32910302ca1fbb2 (patch) | |
| tree | ab71f43b4093ed44f201782a09e3b55a9aea3e32 /CVE-2014-3587.patch | |
| download | aur-46328e7f9a997f2080d9b01ea32910302ca1fbb2.tar.gz | |
addpkg: php53 5.3.29-4
Diffstat (limited to 'CVE-2014-3587.patch')
| -rw-r--r-- | CVE-2014-3587.patch | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/CVE-2014-3587.patch b/CVE-2014-3587.patch new file mode 100644 index 000000000000..ae21e3904887 --- /dev/null +++ b/CVE-2014-3587.patch @@ -0,0 +1,18 @@ +From 7ba1409a1aee5925180de546057ddd84ff267947 Mon Sep 17 00:00:00 2001 +From: Remi Collet <rcollet@redhat.com> +Date: Thu, 14 Aug 2014 17:19:03 -0700 +Subject: [PATCH] Fix bug #67716 - Segfault in cdf.c + +Index: b/ext/fileinfo/libmagic/cdf.c +=================================================================== +--- a/ext/fileinfo/libmagic/cdf.c ++++ b/ext/fileinfo/libmagic/cdf.c +@@ -759,7 +759,7 @@ + for (i = 0; i < sh.sh_properties; i++) { + q = (const uint32_t *)((const char *)p + + CDF_TOLE4(p[(i << 1) + 1])) - 2; +- if (q > e) { ++ if (q < p || q > e) { + DPRINTF(("Ran of the end %p > %p\n", q, e)); + goto out; + } |