diff options
author | Nils Freydank <holgersson@posteo.de> | 2017-10-20 22:42:32 +0200 |
---|---|---|
committer | Allan McRae <allan@archlinux.org> | 2017-12-07 05:59:26 +0100 |
commit | ad0517d3711b6826cd7a95b99beb36ccd072c2e0 (patch) | |
tree | 00d0b319c56437d9992f5381c64ed59951bc9319 /scripts | |
parent | 44f3a157983e903f926b4f11ddb3f57d111e60f9 (diff) | |
download | pacman-ad0517d3711b6826cd7a95b99beb36ccd072c2e0.tar.gz pacman-ad0517d3711b6826cd7a95b99beb36ccd072c2e0.tar.xz |
Fix CVE-2016-5434 (DoS/loop and out of boundary read)
This is a rewrite of Tobias Stoeckmann’s patch from June 2016[1] using
functions instead of macros. (Thanks to Tobias for explanations of his patch.)
A short question on Freenode IRC showed that macros are generally discouraged
and functions should be used.
The patch introduces a static size_t length_check() in libalpm/signing.c.
[1] Original patch:
https://lists.archlinux.org/pipermail/pacman-dev/2016-June/021148.html
CVE request (and assignment):
http://seclists.org/oss-sec/2016/q2/526
Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'scripts')
0 files changed, 0 insertions, 0 deletions