summarylogtreecommitdiffstats
path: root/CVE-2006-0048.patch
blob: 4155a86805dc0e9837a54c1ac2e011fec7bf9984 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Description: Fix for CVE-2006-0048
Author: C├ędric Delfosse <cedric@debian.org>
Origin: vendor
Bug-Debian: http://bugs.debian.org/360571
Last-Update: 2006-04-14

--- a/src/write.c
+++ b/src/write.c
@@ -244,6 +244,9 @@ out_flavour( enum FLAVOUR flavour,
 	if( flags.separator && ( out == stdout ) ) /* FIXME: sucks? */
 		color( c_SEPARATOR, stdout, SEPARATOR "\n" );
 
+	/* Temporary fix for CVE-2006-0048 */
+	if (buflen < 0) buflen = 0;
+	
 	switch ( flavour ) {
 	case HEX_ASCII_DUMP:
 		out_xa( out, buf, buflen );