blob: 4155a86805dc0e9837a54c1ac2e011fec7bf9984 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
Description: Fix for CVE-2006-0048
Author: Cédric Delfosse <cedric@debian.org>
Origin: vendor
Bug-Debian: http://bugs.debian.org/360571
Last-Update: 2006-04-14
--- a/src/write.c
+++ b/src/write.c
@@ -244,6 +244,9 @@ out_flavour( enum FLAVOUR flavour,
if( flags.separator && ( out == stdout ) ) /* FIXME: sucks? */
color( c_SEPARATOR, stdout, SEPARATOR "\n" );
+ /* Temporary fix for CVE-2006-0048 */
+ if (buflen < 0) buflen = 0;
+
switch ( flavour ) {
case HEX_ASCII_DUMP:
out_xa( out, buf, buflen );
|